last executing test programs:

3m33.296244727s ago: executing program 0 (id=1137):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x16, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000006000000000000002d06000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bfe70000ef2cb1e7bc000000005509010000128cd2c2ff77817100000018120000da101431af1eefced44788d3264363e7ef2954ee408b96ac8d8f0e021cb07996795023c1b743e30bb4a2cff8a030a0ab7a7d45d4f5121e45741adca182b953d11ed6b2dc13cef8c6d114358cb996e8a19b2f491589b681ab39575089dfd4531f56ce55c525325e4b72e3ef14340735eb14217affd265f958ee3a88e5dd6536ece8bebdef5ba233666be027d5c554089a3d02a7ce7a75f21cc3967d79651c4760a2f5cd4c66fe173dc5a4b3d9de28e44d49cf8b3d8f77c27da2fd89f634c5ab05755180eadf0366f4c8b1b4ce0286ecac1bd06959aec4e6fa990e15eecc782e7c677fc16ef4b10b37ea76a95b6dc333ae67bac64f75dbd29d4391f571bc4c5c7f77ac5e8e7385d0b6e9005b076d4e11907ced978aa2ff46c9297305bf292a131207cd7ee83cf5e1826bf186390882a47eb008bfece2b3d299", @ANYRES32=r0, @ANYRESHEX=r0], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
syz_open_dev$vim2m(&(0x7f0000000040), 0x7ffffffe, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x80200, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x7, &(0x7f0000000040)=0x9, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000001c0))
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x24, 0x1, 0x1, 0x201, 0x0, 0x0, {0x1, 0x0, 0x20}, [@CTA_TUPLE_REPLY={0x4}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x804}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x2004880c}, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r4, 0x2000)
write$binfmt_aout(r4, 0x0, 0xffffffdb)

3m33.225968828s ago: executing program 0 (id=1138):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)
write$FUSE_INIT(r0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
creat(&(0x7f00000003c0)='./file0\x00', 0x20)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

3m33.22569242s ago: executing program 0 (id=1139):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x244, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, {0x9}}}]}}]}}, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r1, 0xa, 0x13)
fcntl$setlease(r1, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)

3m32.886887276s ago: executing program 1 (id=1145):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000500), r0)
sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008840}, 0x40000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000030000000000000000000000850000008700000085000000070000009500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000003d0009b89ce5d88c00"/28], 0x1c}}, 0x0)
r5 = dup(r3)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0x1)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f00000000c0)={0xc00, 0x80600})
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes-fixed-time)\x00'}, 0x58)
r6 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x5, {0xa, 0x1000, 0x4, 0x2}})
r7 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r7, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r7, 0x100)
unshare(0x62040200)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_INFO(r8, 0x0, 0x40, &(0x7f0000000140)={'mangle\x00', 0x0, [0x7, 0x2, 0x9, 0x10000, 0x7fffffff]}, &(0x7f00000000c0)=0x54)
socket$unix(0x1, 0x1, 0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r9, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc", 0xe)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0810", 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)

3m32.601865942s ago: executing program 1 (id=1149):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mknodat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x200, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
getdents64(0xffffffffffffffff, &(0x7f0000002f40)=""/4098, 0x1002)
getdents64(0xffffffffffffffff, 0x0, 0x607a9e0a432a4785)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$VHOST_SET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af13, &(0x7f00000005c0)={0x1, 0xfffffff3})
r4 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_ifreq(r4, 0x8923, &(0x7f0000000040)={'lo\x00', @ifru_hwaddr=@multicast})
socket$nl_route(0x10, 0x3, 0x0)

3m32.156517228s ago: executing program 2 (id=1154):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, 0x0, 0x0)

3m32.156263016s ago: executing program 2 (id=1155):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
creat(&(0x7f00000003c0)='./file0\x00', 0x20)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

3m31.97603063s ago: executing program 2 (id=1157):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x0, 0xffffffff, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
r3 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x3)
socket$inet_dccp(0x2, 0x6, 0x0)
accept4(r3, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x24, 0x0, 0x10, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x6b4}, @NL80211_ATTR_TXQ_QUANTUM={0x8}]}, 0x24}}, 0x4048804)
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, 0x0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r6}, @void}}}, 0x28}, 0x1, 0x6c00}, 0x0)

3m31.870802809s ago: executing program 2 (id=1160):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@delchain={0x5c, 0x64, 0x531, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x6}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0x5}, {0x2c, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @mcast1}, @TCA_FLOWER_KEY_ENC_IPV6_DST_MASK={0x14, 0x22, [0xff, 0xffffffff, 0xffffff00, 0xff000000]}]}}]}, 0x5c}}, 0x1000000)

3m31.714567027s ago: executing program 2 (id=1162):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000d80)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c", 0x3a2}, {&(0x7f0000000540)="d805d6a36cce59e7ed5a1f89dd32d02bfe653c", 0x13}], 0x2, 0x0, 0x0, 0x8004}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
ppoll(&(0x7f0000000240)=[{r0, 0xe4}], 0x1, 0x0, 0x0, 0x0)

3m31.523067556s ago: executing program 2 (id=1163):
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
socket$netlink(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d)

3m31.446253892s ago: executing program 1 (id=1164):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000020240), 0x10010)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/43, 0x7ffff000}, {&(0x7f0000000480)=""/165, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2aa, 0x0)

3m31.386309198s ago: executing program 1 (id=1165):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x7, r1, 0x0, &(0x7f0000bd9000/0x3000)=nil, 0x3000})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f0000000040)={0x28, 0x7, 0x0, r1, 0x3, 0x2, 0x7})

3m31.314989199s ago: executing program 1 (id=1167):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
r2 = accept4$inet6(r0, 0x0, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendmmsg(r1, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="a0435c8eabddf26e84", 0x9}], 0x1}}], 0x1, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

3m30.456104521s ago: executing program 3 (id=1171):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x29, 0x0, 0x0, 0xcbf, 0x4, @remote, @local, 0x0, 0x8, 0x0, 0xd66}})
mount$nfs4(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fsc'])
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'ip6tnl0\x00', 0x0, 0x4, 0x0, 0x2, 0x4038a09, 0x4, @empty, @empty}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
io_uring_setup(0x3055, &(0x7f00000001c0)={0x0, 0xbaf, 0x846, 0x10000000, 0x1de})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x100000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket$l2tp6(0xa, 0x2, 0x73)
socket$l2tp6(0xa, 0x2, 0x73)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
listxattr(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7ffffffc}]})
setxattr$trusted_overlay_origin(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000340), 0x2, 0x3)
signalfd(r1, &(0x7f0000000240)={[0x3]}, 0x8)

3m30.386068425s ago: executing program 3 (id=1172):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="822a0a65bd8c002b0304000e", 0xc)

3m30.385732136s ago: executing program 3 (id=1173):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYBLOB="090200000000000000000100"], 0x34}}, 0x0)

3m30.316215065s ago: executing program 3 (id=1174):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000480)=ANY=[@ANYBLOB], 0xffe)

3m30.165687193s ago: executing program 0 (id=1175):
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x44004)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c)
open$dir(&(0x7f0000000080)='./file0\x00', 0x101, 0x10b)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m30.165466114s ago: executing program 0 (id=1176):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x9, 0x9, &(0x7f0000000640)=@framed={{0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, [@map_fd, @initr0, @exit, @alu={0x4, 0x0, 0x3, 0x3, 0x0, 0x0, 0x10}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f0000000240)={0xfff, 0x101, 0x1})
socket$key(0xf, 0x3, 0x2)
socket$key(0xf, 0x3, 0x2)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x407}}}, 0x7)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/wireless\x00')
preadv(r4, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/159, 0x9f}], 0x1, 0xee, 0x97e)

3m29.797656762s ago: executing program 3 (id=1177):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892", 0xc)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/229, 0xe5}, {&(0x7f0000000840)=""/127, 0x7f}, {&(0x7f0000000400)=""/101, 0x65}, {&(0x7f00000000c0)=""/33, 0x21}, {&(0x7f00000004c0)=""/21, 0x15}], 0x10}}], 0x2, 0x60, 0x0)

3m27.170315727s ago: executing program 1 (id=1178):
io_submit(0x0, 0x0, &(0x7f0000000200))
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x2, 0x14, 0x0, 0x2, 0x2}, 0x10}, 0x1, 0x7}, 0x18)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000016c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))
ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000280)={0x0, @bcast, @bpq0, 0xffff, 'syz0\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xfffffdba, 0x2, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]})
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
accept4$x25(r3, 0x0, &(0x7f00000001c0), 0x800)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
bind$ax25(r4, &(0x7f0000000540)={{0x3, @bcast, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
connect$ax25(r4, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
ioctl$sock_ifreq(r3, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0xf, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)

3m27.169844911s ago: executing program 3 (id=1179):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0xc000094)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e640000000014"], 0x44}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3m16.803648677s ago: executing program 0 (id=1180):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x1}, 0xe)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0x4, @none, 0x0, 0x2}, 0xe)
statfs(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)=""/67)
acct(0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x800016, &(0x7f0000000100)={[{@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x35, 0x31, 0x2d, 0x67]}}], [{@uid_eq={'uid', 0x3d, 0xee00}}, {@pcr={'pcr', 0x3d, 0x5}}, {@hash}, {@audit}]})

3m11.902962235s ago: executing program 32 (id=1163):
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
socket$netlink(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d)

3m1.946927582s ago: executing program 33 (id=1180):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x1}, 0xe)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0x4, @none, 0x0, 0x2}, 0xe)
statfs(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)=""/67)
acct(0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x800016, &(0x7f0000000100)={[{@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x35, 0x31, 0x2d, 0x67]}}], [{@uid_eq={'uid', 0x3d, 0xee00}}, {@pcr={'pcr', 0x3d, 0x5}}, {@hash}, {@audit}]})

3m1.694617095s ago: executing program 34 (id=1178):
io_submit(0x0, 0x0, &(0x7f0000000200))
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x2, 0x14, 0x0, 0x2, 0x2}, 0x10}, 0x1, 0x7}, 0x18)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000016c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))
ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000280)={0x0, @bcast, @bpq0, 0xffff, 'syz0\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xfffffdba, 0x2, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]})
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
accept4$x25(r3, 0x0, &(0x7f00000001c0), 0x800)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
bind$ax25(r4, &(0x7f0000000540)={{0x3, @bcast, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
connect$ax25(r4, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
ioctl$sock_ifreq(r3, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0xf, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)

3m1.204677421s ago: executing program 35 (id=1179):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0xc000094)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e640000000014"], 0x44}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.960078749s ago: executing program 7 (id=4938):
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='efs\x00', 0x483, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xee01, 0xee00}}, './file0\x00'})
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x400)
getresuid(&(0x7f0000000500), &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000300))
fsconfig$FSCONFIG_SET_PATH(r0, 0x3, &(0x7f0000000480)='}\x00', &(0x7f00000004c0)='./file0\x00', r0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x100000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@msize={'msize', 0x3d, 0x7}}], [{@context={'context', 0x3d, 'unconfined_u'}}, {@uid_gt={'uid>', 0xee01}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@fowner_lt={'fowner<', r1}}, {@audit}, {@fsmagic={'fsmagic', 0x3d, 0x3000000000000}}, {@euid_lt={'euid<', r2}}, {@appraise}]}})

2.959896884s ago: executing program 7 (id=4939):
r0 = syz_open_dev$vim2m(&(0x7f0000000200), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000100)={0x0, @raw_data="7638f9ac95a51873abbe766958300598bfc23cd058ac3ea0adf11c025565419070e36716f4868d74482d1ce8b73e8b80ec0d1b059ab2d4ebade78112986ac1089975f019e6758f7bb9ee19c1d72e6f8e066a64af7f369bdf345d1742b596c85a417bd829ef9538fbe14f50da9206b7d8fd63e712d88089891add2b0f74ea5938f1fece5417647a3320c7a917d0fc16bbb9071713576081d8fdbdc0d03e0ba928d852614192823d4871c04d1a43f7e52b1736b1617d88df3ad8b7c8535494c814bf77c2eee384c348"})
ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000240)=0x2)
close(0x3)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x600100)
ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000080)=0x80000001)

2.903735554s ago: executing program 7 (id=4942):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r1=>0x0], &(0x7f0000000180)=[<r2=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r1, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r1, r2], 0x2, 0x0, <r3=>0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000340)={0x0, 0x0, r1, 0x0, 0x0, 0x7ef, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b170ea7a1316b81525ccf0f8b91fd2f9ee851ba62b00d87337407214ea270251"}})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r6, 0xc00464c9, &(0x7f00000000c0)={r3})
getsockopt$inet6_udp_int(r5, 0x11, 0x66, 0x0, &(0x7f0000000040))
close_range(r0, r4, 0x2)

2.903221687s ago: executing program 7 (id=4944):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000040)="a6", 0xffffff4c, 0x0, 0x0, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000580)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0)
sendfile(r4, r3, &(0x7f00000000c0)=0x8b, 0x100000500)
ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000080)={0x3, 0x6})
setsockopt$inet_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000140)=@ccm_128={{}, "3f968a231afa0e18", "4a952e4ea416ad75f769d6386c3c044b", '\by\x00', "e4eb37b07ad86ed7"}, 0x28)

1.946086289s ago: executing program 7 (id=4951):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000040)="a6", 0xffffff4c, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TLS_TX(r2, 0x29, 0x1, &(0x7f0000000140)=@ccm_128={{}, "3f968a231afa0e18", "4a952e4ea416ad75f769d6386c3c044b", '\by\x00', "e4eb37b07ad86ed7"}, 0x28)

1.456762323s ago: executing program 4 (id=4964):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={<r0=>0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x4})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0xc000094)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008815}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e640000000014"], 0x44}}, 0x8045)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea8", 0x6b}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f40)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b000701000000000ce2aa66027c00000400000014000180"], 0x2c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BEACON(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)={0xc8, 0x0, 0x800, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_IE_ASSOC_RESP={0xaf, 0x80, [@challenge={0x10, 0x1, 0xda}, @prep={0x83, 0x25, {{0x0, 0x1}, 0x7, 0x9, @device_a, 0x6, @value=@broadcast, 0x1, 0x5, @broadcast, 0x1}}, @gcr_ga={0xbd, 0x6, @device_b}, @ssid={0x0, 0x6, @default_ap_ssid}, @measure_req={0x26, 0x8, {0x3, 0x1b, 0x8, "dd6bfda2c9"}}, @chsw_timing={0x68, 0x4, {0x7, 0x3ff}}, @tim={0x5, 0x5f, {0x7, 0x8c, 0x7, "b3500bdf8a364ceff5cf12be4e38c4a5d18bc2961dcddc55af3b81bb0eebf7f40e93f817eaa125586c62ede644900fac44786d98c99ded5135809b5e3810d0f547e938216c0899a14bfa896e1b4916d04cc0cd212187effc03a43340"}}]}, @NL80211_ATTR_FTM_RESPONDER={0x4}]}, 0xc8}, 0x1, 0x0, 0x0, 0x800}, 0x40)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.39041159s ago: executing program 4 (id=4965):
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/fscaps', 0x6b0240, 0x102)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000100)={0x2, 0x0, [{0x38c, 0x0, 0x6}, {0xa42, 0x0, 0xfffffffffffffffd}]})
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x14, 0x2, 0x1, 0xc5, 0x9, 0x28, 0x2, 0x1, 0x95, 0xb, 0x8, 0x8e, 0x4}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.283559016s ago: executing program 4 (id=4969):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @rand_addr=0x64010102}, 0x10)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r2, 0xffffffff80000800, 0x0, &(0x7f0000000280)={0x8, 0x1, 0x0, 0x2, 0x9, 0x9, 0x0, 0x0, 0x982f})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x6c}}, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000000)={0x5, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27"})
ioctl$SW_SYNC_IOC_INC(r4, 0x40045701, &(0x7f0000000040)=0xa45)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfffffd9d)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000380)="618264f8464a50ce02423ac341e419fda6ee77e224ec01f3e29b345a0c5cb628383b727935a42753f35b3c5127cc82cc096f8b9e6e7bd04a8f9059565dbfd183d2402aa35bb196a3c04c5512c6b32d07d05efb9bc427659e618ec08674882a08009c55d18034b2c1cd8b2d7825c093d40d4505b88d31980795035ce8749e798abb000000000000000000", 0x1, 0x48c3, 0x0, 0xe)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0x8, 0xc9100120, 0x0, 0x0)

1.218890237s ago: executing program 6 (id=4972):
r0 = socket$unix(0x1, 0x4, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x1c, "f42a97b96d025891dd3f75fdda624457ad3d5c36389c308570204262"}})
socket$unix(0x1, 0x4, 0x0) (async)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x1c, "f42a97b96d025891dd3f75fdda624457ad3d5c36389c308570204262"}}) (async)

1.218763085s ago: executing program 6 (id=4973):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
write(0xffffffffffffffff, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112", 0x1b)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="00000097c3199945e3eadae14708c82ec713c20000070002", 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="595300000000fddbdf256b00000008b428c330cabbe52766883961b949a200732f", @ANYRES32=0x0, @ANYBLOB="0c0099000200000047000000"], 0x28}}, 0x40)
r3 = socket$inet(0x2, 0x3, 0x33)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100))
getsockopt$inet_mreqsrc(r3, 0x0, 0x28, &(0x7f0000000140)={@dev, @local, @broadcast}, &(0x7f0000000180)=0xc)
ioctl$PPPIOCSDEBUG(0xffffffffffffffff, 0x40047440, &(0x7f0000000080)=0x2)

1.141144599s ago: executing program 6 (id=4975):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, 0x0, &(0x7f0000000040))
r1 = socket(0x10, 0x3, 0x9)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r2, 0x400454c9, 0xba98575a95aeb70d)
r3 = syz_io_uring_setup(0x10e, &(0x7f00000001c0)={0x0, 0x0, 0x1000, 0x0, 0x222}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13})
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r6, 0x400454ce, 0x6)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)=ANY=[@ANYBLOB="140000005304010000000000f600000000000000140000815cdb53f2903000110001000007000000"], 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x40000)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount(&(0x7f0000000300)=@sg0, &(0x7f0000000380)='./bus\x00', &(0x7f00000003c0)='xfs\x00', 0x0, &(0x7f0000000000)='usrquota')
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r7, &(0x7f0000000280)={0xa, 0x4e21, 0x5, @mcast1, 0x9}, 0x1c)
r8 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000340), 0xc2800, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8924, &(0x7f0000000380)={'pim6reg0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x25}})
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r9=>0x0, 0x7f, 0x30, 0xda9, 0x5}, &(0x7f0000000300)=0x18)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000080)={<r10=>r9, 0xba, "749ab17d8a06124a4d54cbc8bd609b2f92d32c98abaa9a1fb4c0e3962385a44deed4011c50c13a1ccd6c32695f1b7140c0c346b06a88b0d53bc0a8bcbf7195a0254e219e7cf2be6ffa1be21bd095de97b6b3b997fedaa1e7c600f2215f6f1b60a4f059b24329e870989da5f6534aebe2aec5d00332563e3c41a2b3e755797546fb6e82bacf973cb8d4976e5f486719b538e83cfdc5348d9424db4ef7322be493797d984887633d92e850b48935fe1aa2f91ee6a76115b6da73f8"}, &(0x7f0000000000)=0xc2)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000180)={r10, 0x9, 0x30}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)=@deltaction={0x44, 0x31, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x4000002)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "02080a", 0x8, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@routing={0x29, 0x0, 0x0, 0xad}]}}}}}, 0x0)

1.005684375s ago: executing program 7 (id=4977):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0xa39, &(0x7f00000000c0)={0x0, 0xfdc8, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @dev, 0x8}], 0x1c)
recvmsg(r5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x0)

1.004928753s ago: executing program 5 (id=4978):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r1=>0x0})
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x5c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0xffffffff}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x9, 0xc8a1, 0xffff5ef5, 0x0, 0x419, 0x3, 0x60}}, {0x4}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2}, 0x2000c00c) (async)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) (async, rerun: 32)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) (rerun: 32)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @none, 0x4, 0x1}, 0xe)
listen(r5, 0x3) (async)
read$FUSE(r4, &(0x7f0000000580)={0x2020, 0x0, <r6=>0x0, <r7=>0x0, <r8=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000029c0)={0x658, 0x0, r6, [{{0x0, 0x2, 0x8001, 0x46, 0xff, 0x2, {0x6, 0xfa9, 0xfffffffffffffff9, 0xfff, 0x2, 0x3, 0x4, 0x0, 0xed07, 0xa000, 0x8, r7, 0x0, 0x55fd, 0x80000001}}, {0x0, 0x3, 0x6, 0x5, 'vcan0\x00'}}, {{0x6, 0x0, 0x5, 0xffffffffffffffc0, 0x3, 0x200, {0x3, 0x2, 0x5, 0xffffffffffffff01, 0xf, 0x7, 0xffff, 0x2, 0xfffffe01, 0x3000, 0x2, r7, r8, 0x5, 0x4c18}}, {0x0, 0x10001, 0x8, 0xb, '%pB    \x00'}}, {{0x1, 0x0, 0xffffffff, 0x7, 0xf425, 0x2, {0x6, 0x7, 0x2, 0xf, 0xffffffffffffffff, 0x1, 0x2, 0x8, 0x9461, 0xe000, 0x7, r7, r8, 0x8000, 0x1ff8000}}, {0x1, 0xd0a9, 0xa, 0x9a5e, '/dev/cuse\x00'}}, {{0x6, 0x2, 0x5f, 0x4, 0x4, 0x1, {0x0, 0x7, 0x1000, 0xfffffffffffffff9, 0x8001, 0x0, 0x800, 0x80000000, 0xb83, 0xc000, 0x80000001, r7, r8, 0x28a, 0x7}}, {0x5, 0x4, 0x1, 0xa, '\x00'}}, {{0x5, 0x2, 0x8, 0x8001, 0xd, 0x6, {0x6, 0x184, 0x587, 0x8000, 0x8, 0x0, 0xffffffff, 0x6, 0x10, 0x2000, 0xb, r7, r8, 0x80000000, 0xb}}, {0x2, 0x8, 0x1, 0xa2, '('}}, {{0x2, 0x1, 0x9, 0x6, 0xfffffff8, 0x7fff, {0x5, 0x1, 0xc, 0xa, 0x6, 0x6, 0x3, 0x6, 0x7, 0x8000, 0x8, r7, r8, 0x5, 0x3}}, {0x3, 0x2, 0x1, 0x9, ','}}, {{0x6, 0x0, 0x5dd5, 0x3, 0x5, 0x81, {0x3, 0x100000001, 0x5, 0x2, 0x1, 0x2, 0x6, 0x69504f9e, 0x80000000, 0x2000, 0x6, r7, r8, 0x6, 0x5}}, {0x0, 0xfffffffffffffffc, 0x6, 0x4, '&\'.:&('}}, {{0x2, 0x1, 0x401, 0x5, 0x80, 0x4, {0x5, 0x404, 0x5, 0x4, 0x801, 0xff, 0x6, 0xd7a2, 0x7fff, 0x4000, 0x7f, 0x0, 0x0, 0x7fffffff, 0xc6}}, {0x4, 0x100000001, 0x4, 0xf4f, '\\--,'}}, {{0x5, 0x1, 0x7ff, 0x4, 0x3d, 0x7f, {0x6, 0x7, 0x5, 0x3, 0x59ec, 0x5, 0x4, 0xf6c, 0x80000000, 0x4000, 0x80, r7, r8, 0x6, 0x6a4a}}, {0x2, 0x54f, 0x8, 0x3ff, 'nl80211\x00'}}, {{0x5, 0x2, 0x2, 0x49f, 0x7fff, 0x65, {0x5, 0xbe4a, 0x707, 0x4b3, 0x0, 0x3, 0x10001, 0xfffff800, 0x6, 0x4000, 0x4b4cca3e, 0xee00, r8, 0x1, 0x62e2}}, {0x2, 0x101, 0x1, 0x3, '\xad'}}]}, 0x658) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01002cbd7000000000000200000008000300", @ANYRES32=r1, @ANYBLOB="08002201f10000000800260080090000bcfa4c5cbebc00a8d38ba6065a1dcc48efc90da460894c3192585ca58e8f629a32dd45804255994d28ac4f43b525f82f82d62cf5d5737dae23a79cd09edd7a129c32743a2eee6539974e04eb72577aea9123d6023cf5c482b009b182cd7a9eabb526bff46e19ad25643f24db27667a7ef0c88cab0405899845b4cfb226a6e6213238607550353e"], 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x0)

1.004810225s ago: executing program 5 (id=4979):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x2ead, 0x7fff, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174ff10000000000000010e200"}})
pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/215, 0xd7, 0x433)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
landlock_create_ruleset(&(0x7f0000000000)={0x9782, 0x1}, 0x18, 0x0)

1.004635755s ago: executing program 4 (id=4980):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
clock_gettime(0x0, &(0x7f0000000680)={<r1=>0x0, <r2=>0x0})
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r0, 0x28, 0x6, &(0x7f00000006c0)={r1, r2/1000+10000}, 0x10)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r3, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
rmdir(&(0x7f0000000040)='./file0/../file0/file0\x00')
read$FUSE(r3, &(0x7f000000e280)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000100)={0x50, 0x0, r4}, 0x50)
syz_fuse_handle_req(r3, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c7132fd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x90, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r3, &(0x7f0000004140)="e605ee59ff948f02a0b50adc3c8f1b0f3a30057addb4536e05a81b6fc628c8526442afca55c2d5e2ca04610b710a0bf051d8f7cb91b68f5367faa3c8d1eb3ed17650c99d406284b538ecba9a278e67a4433502b6c5904267918cabd3ed7d8dbb09fdcd383a19b5620f3b682e46a5ad13a5e35daea7586b8ac0661a79be5086cb2b3f7a2c9d60a3299dc29cf10bddf597954de489587755d4e6cd87d6db8f1ff297c6f066bf38fb564f8d63129aadc0773d0a81b91b0a232ecda4a98c0483b33c709c702a9ef7684120f3cb268a1ec1eeff7228da793227b8de086d04ba722b58c491c3390fee4ab338ee3772adddd22990020d288acff920084cc0fa90f9cce095ecb2ec43132a589d3b1b7bf0cf518f3059c44d5ee5d18dbb8c9357eeadf569819a16b3a738206a83d98e73e0f6cdd4d72741df4e63dd7829694a3b505b294accd83c61bb3d4acfbc10e5d4180b513dacfaa08dc98115437a87419f04e1c6d105b5db1450b57bd0bfdbcd0cb15ba73ce5a213c3e0725786ff2af32d6c209f3695bfd944e403b1e3964c3f2ed0fa3ff2165be735750200808835f381d5a23b439953bfd87f04422596d35c3c9aecb0b9ef6e29f7468b0ccb05cfec9eb7c2e04408c1ed9792b8e5a426ee69ed5861486cbbf77973adc10a4ee5e37449bafb9b5502475802246929825cb1c60322f453bbb7eaf58c890fdd1ae4020b1c7d62ac0118070269cf74ef0843e4f38a51e088e9343296a1d2b3301cdbce8e357a5fe38684a800c9f4ba41a21948f5ca333d17353ac9a13c941e177d7d74ebdfd40fec527259eaa39d3b537324f7074984803046e2864e42641e9f203561ff0eaeed5b37439b54a0225884b5f884637d2f1ff101020b30b8c9a4238178db4b94357aae0c7f956c6985b655228a603665387810f10e8d8b6bfa745618dd3914101a0eccb543e0f82898fab7396d43d01b0f3d477f799b0a8469c26cd4b142a649b927a7b9b7bca66310fced1c066dfe334464d68627666f94f0fe43a60b4168273ddf2c74ab352416d451eba71181d57f27af9231a3e7d0b17a7a3e104fe387a29341e6eb82a751b5c584662ca74814a6c93ed9ea0c9ac11d74f2a2bdaded71f80e041cf886a55d35993bf45010a7f418543c4ee2f9ac8279fc1b721faa864caf3d5e96dcc6fd03b12bded14f6cb4e799bda7397c5580817473975b5bbfe4f298425160c532947292568e773c5c51ddf0deff7c8b9107e9b285f3e53f428cdc522a2589729c19bed7f0e90ea75b064e2c8b024f8634c075bbcc632f7e8bd49b87c061c2ddc94bee46a845441329c30e2c1b6c4c78afe46dc1a9ad3d31c0aee2d4fcd60f4d3454b05a3ae4922caf7f4e58a461648d5ccb8086d66783ed47fa9b6b53e49b6b4601aa5397a1e1d9f34a7038227cd242cf936b9a18d5d273dd0503aa2262f32b8462bf50b6bd9fd4e3ac20218e43fbd659ab9f9840d14f6bfc94e7cc69aa83e2abf93254d65a97c9ab16daca595670d8f0ff180bf6a38ada3484f1ae13ef91512a51afa7e3259ecfd071896ea3911a4dc6bc8a8cc008f9b65178d065fb6aa9528457ea50e9629f9f40b26f4378cb3a95f8c936444586ab530aea865850c186013391d1dd6dc695ff8737570f8f425ac33c3d5553f608678b1c46e5233b7754c1df1e6413f61fd65376921e2008f0a7a563178e53654765797428d2bd1977a38f1404858f192d6336b6242c11f4eed71158650d79ff5e660a08fb1383d3536ee323c934053d2b890d4e7d5fd3e364d5aaf9d16ca5c8eebabf13075b8a46ee321622c8bb0394d00e3fb7ad2012e86ae16dc68fe72912229151178af5d94936fdb292ff0faf952eee56d9fac72b313f30aa491b8e22531901a20a133e17a985ca1c0d1516ed5ce14a9b5b0904185da5203438fb032a212136eeb258131cb08a7c9cf518714f112634a0fe661e99a3d554b5ed46745e438c1f4d8cb1ab7d4895c4c13a55fecf803ad6bcfbfe03db949ea47faeb60bcdf9e0e54085d4e6956e261e21c140ef8032c757d33f03dfa2ca75f4aa416093d7aa527b9538682a617169b6da3ad5a9e4e2dd84c1cb5219b0bc96023597fdb70a82ff6da5c3927656367d61732a173cfe630d05c11057279e8622d9a2a4998400696caa15e2e9052035a6429ff5e81714ea0c01e383213476f69367e2fb8f8965b1d201cfee99821de8f7b716c277ea220da44f41d065e29a3baec4597e1286e517181b355074651a10ccab76acf36e26c435f3f4ec7a4b61947cc89ab078af2ec22e5528a05eb4277a51d1a597f84bb9e7c1f61a9ad27aa260ac60d64894b0b12160923034e633874426b800af1f9b4bb9db55cb64677b04d4b96db4c05260f4720b140b41ecac16ca26efced15d5deef397afb6b20f438a268873e5de4cccb0892b7ea94b1068db0d73c779012bb17c3a4af2bb48a8aca32dacfeaea3701aef6a8d318eac51aa6971429836c768da24d118fef4dc1ba2069991419db1806a3206ca992108f67a6316dbe3b8c009ac7b203fbf21a7010a0d10dc4ca5b7833b7d5c5086760c55df4eed9a227be6801ea3921409b8f31aab770bbf08107bcff1e98074af573ce4e9b6eda991e822b218c311a12669b3b048497fe676a448189937157ff406fb4705924fc693eb626b7c43fed16e0cd5c1719c915cbf97357f215edb78120da490acc3d95d5ff3d6574445df0fb76b2bfb1264c775d1011b3d42ee64ba7d60dea27f258a9fd57bc9d640bdd6bda7701445040abceb5b28c9d4877e0f2a85620fc62cf414a32569fe4f9bded7bdcb7d0f6aa90cb16129b4bf768af5095a977f6df426f438f16d3804a13f9b2941492c8daf2c3f0715c246ecd236d404b75984c9c3b0102cb8b302dda1019cfa5d9dd925e89845d90b85251953e156ce9bd5f889d2637c76c6b7867b60681d5be01251c825059be4f0cfb9789d8ba1a300bacc4b6a71e1f56c333227b8ce54f78636bfae648270d8c64b3681a7b3812fbbb60853b8d07df0c1856c8c5f2d84431763782830befb26b7a88e7aecd02d1600a05da658de59944873810f1fa12f032abae373872ae8729db6dd055c3c5c5efb4508df9116223172ec7df58a64062357ae6adb2a0313a1523986f3790503eb2ce547cfc86c7f5c8d91f320158d6f4005441f3589688ca0747a6dfdae01bd3f69ee006342f1ee326a62d9d45ac144d05e25fbe6e8f8faada6a62d8b6596b2a63d4c8a193ac6f766f7e494a449c0296bb46e0b930c4dd798a09d914faa518ac77807e9e98ec4a5b9a0848651cbd01ca1c0571ea03575902874755af79650d2aa8c6fbea2738e77de7d26962253c25cbaa2f497e8ee710a73360ae5b392ead41f90a83eb528c8994bbb7f0b3f2d22d3c1efdc5e0a5dc5e15a3c673cf0c7dd8ad4c98d6fcd077eac9648328f0f999063421fb9947751cfea199c59ee51000822a3b282f7c85d3d17910485d88f1e1f4dfd8464f8b827db9508a81734958fc17986185eaab1e0bd53da353d9bf170bc04d45a38ba094065fddc1b25c672417469e85313e8afe14d41e9ff6750c442f4e1ccf6d419fc75a7b963036b7d16164926fe4ebe049e650d829983216f04cb226c6f4dae60d01e4582e3c11fae682bc8d053f0167dd1c001627bbd099be1eb88284793f51653939a7507e25544fcdcc1d976393fc412c72aae8295ad7afb37317914f4b9fc6ecfb3968da1c313695827c6141326be5a98fe9ec22639e886b42fe432bd69cd264e6ea1a4d1e1995f2184f16f96e766306eda3ca811c3e29d58e5386be61a5695d3a2639d6502ab2c9a3b3363fdec05ffe933c4574dcf80a61f54ffa9d972305b4bcd16dedc3a068043a04e09b48db8b189a5cb578e15a494c2130590e99086da70dce30a83c3b888c29dd30475b7df13e89af9464f9c34e614717894a2368670dac9bfdf9fdd6dac019e52dc12feb4ab1397d82c4f8061087b1d6c7eadb8992fa279afd5d30915e909ce0e9854957d293c9da10f75b53fc4f69b09d698104b063a4ca1d6f52b074ae3a8c792369458594581ccdf6abb299fbe2091379c3425ad0ac2d85528c338df92e9d8b7607fd33734c7198d7135675d2a82937b821ebacba870973e60b88892d73ef75c39a6525cebf42741285832652f3d25b1c7b5889ca6fe02b11d6bbb79ee2b90c5daa5bdca244a81e0c3fc25ffeef7f5d55894d4f371f3a6fb6232831391f374905118275924e419d15ee87a34a317613de6129716766aff08becb056c714ce7cf1e585e8d591c722c3d12d2521826e0f2be0a2f30e2d3b3969f3dee34ef36152a1699fee3aef25bc365786d8ccb4f9cd6410ab7dc86a9a081438316f0caf4a384dc586a7aedf553e4126ffb85a60da368d10f9fbd8e3a79bd343b27813860835ce980c02d537c35a13e45ef4a3fc475be675091cd01fee4d04be8d23fe8e41fe0f6a1d38bbb8d5b5c7698c70402fe582665c14ff17cb6aadbad209e9326fad68491fff07acc0aeb5548fc99731b00868b5250f9e5f660fc0a966d540e2608b45ef08bc74fc65481985e9867f2aa673f847fd7138d7ebad822a3d7657d27b50c08fc16ef6df10fb6cd354ab83743762631f91f3f75c7c588eab3f7489bb89486f8254c4206f0b31311cba1695e51aab8ceea75ee3130bcb9d82fe93f6d8e4c8adddec30a1863a72a006620e40d89efdfef9c47f54ab1c4d138fd6cf9b02c1a585064f9bb418252002e96e817d903cf858c146233da56d000d6a8cbf7be2379121920b02287588881c85a69223bf3b0f5259270f19af7135cd57eacf2f1e992a187bd1bfba465da2b3451adf04e5c5562cd9890d075046b622f668c81d1d21197adbbe3eb8c8f1ec61f90ede4952e2fd06e94dd062bc66de1e18050477c1ce393bc1faaa93f67c34066c6c00c132fb84050931639d2119ea9a95b9778f9dc831f9f04530e4855984849580b3490ffba308e27b7e298dd894e1786bddd90753ad35fd74c7b2a6aee07b142e55c77d9dd454dadaee8e805f264317c871a5789e1709274a740127cb29c7dd454e92d648322e372b3b67b0c0aa38c33e9337601fd7f3107c4a01a2eca962f2078a09cc78d583f62fb0f32ac815abffa9c548926eb9ea4e572ef8cf7c8fd3ee97a1e10e4036bd0244fe1045a0b1e2006489e117208db0cbf91539f8d52d6c14eeb38be408569e29175f8814d065b6fb7679dba4200d93e25020abd6b574f759e611227de767969bc5ba179c708dbfb5bb86f1df6b18bbaef550b5aa7fc0e2027709a864191a1fa0cb078ab3e4b938c4e99fff5f74f9837f166a2f4606dfb2041239b7af835a9856153448bfeff74f56af69e5a8ad53ec28e1831aea2c9de96131f31f891fcc525afd131718b66f89e1e97f483808d3c36d975feaf3d868ac3c9e479c5bfc866f06a8835bfcc54d440553ad110e3708c1efa6220a88ac3d8d8d7ec2076ec272f7951463a68dfb7b54927681458304e867e8ba502ffe6bf92266163faa534deba891ad3a42049b1a02c2828e8ac5c6fe14a942e6845ac850c8540eb56280052f77854b5db05645e8ad42e479b65d999d6cddc4db67ad34e34f157cf41a18ac88ceea059dd618e6c2ef841962035a0f18f9a1adee2f90248d135647ef462ceebd71e2ae0f0026d04d18dcc19618419e2185f160855dd85697fe4393ee75c4a591c30c8c2dca65fc39d61adc2f46e8b90e265684ce0d3a9c51f04e24f8ccd895b43d3a09544f81b84aa5fe75a9c4ddb24b9e5cf59109835ccccbe5e2baa243bc1decf4d13480f4ee62fe65a41dd5548de686a4379d08a57149e2d4b89cad1cb14ffb4d5dcfafe31d8da5e96b47d96b1bf8706c5cc71a456e669f82f84e0ed36769c342c748d07f24af00fad7bba8386a4702e305be520d2e52f758011564d307e5254fd4aa974504f123f6e746257268084ff3df4cf0acffa8eab4dcee363f332d838c9eb7f63fc2e0d2f8dab58678d296d716090e5d5298baa18735fa605390cc1b4e9fbe33c042168d87d038f676baaf797af7d807d5544c61f7805d8a20a82c5aad40e89a3e4e0d8374cd7f9295c23984233d38047feaf383bc3bfead3e405f99fc009c6a7dc84c07bbd516c827f15153328abefebf42aa4d2cf82e1dedf7d1fc59648044ee4c8581b575e20a273d3f8d036ef07a87d4907700af6bcd68af263c9be8804cf8acb090824eae455a709d68ecd078a9dc7106fed7ec7ac0e9377e436d8f73efc0b4f85888f2407607b73ac76a92a24cb8d7d0ebaf42741794cec95dbb7661ab175a72684af52213abebc9d4cb61ef234372828e92b8feb4e7f55f9d545775daec28543b514612713b179b064decbeb65238f556f9288508c4547b2884405b12e87c9b8d2415b0c02741b5656e2514090c211a6a9c4d32b90ba62234b4c8b83e4dce018f466146bb13be04fa1f78b895df118d22f068e7984f2e812389b11340fb32ca77ad2e3f58bc5749f147da202c8f0aeba25fab2b33b6d56333f1319ae5df0c6b871eb3106fac0f7dd35ceec2689b764ad92593fba6afb8f03c1921296676b1baab433ff6447666d57cb169e5cad94aad0ec57b0b86eb0ebdd772311ffa621726f56481b1588334c5cb490e89073c8d80ee3b33a4842225942fa89f13a72b1bc6469fbd17c8a58b556d95488f171c613d4720e7a23ed4ebd717328b01c240d1287be9da9269d0e065bbea1b61cb3952b7d7339f54f5e8a4dadddd86cd2deb0139f02ea4d0bd731b676e3e329258314b63e39e497a83c81c76f54a08cc690e0d451151e262b51113e6160401b9653df6a8c65c24a785ee31319198d77ee858cff4860da5ff506ad605a73c981e65d9b5e451ad978e82e978728891061df07ea5986382889191fe565ede3bd949604a2b6e63177c4d3107d85a2b144578f0a6a909bfa695368178e93d13794135a9416a4566d741ed3484d600c18d5dc46383255268d3dc4323783c51e062313fdf4d1c6443fd92af9f4065212f3fc9437743c21f36641d4dcbb151a2978ea909ab8bbb92d6e5fb7a7077cbb7e146158577b3dcf1cf85cf2cfcbf7254c3e7ab34de4347c0006864ab7b914f33c33b6e0b327031bb30d974156cad137c35707fc375f5cbfcd93292cc658c3c7912e49fedb9a2b3b3bee8b05d266f81e13257293c0feb908bd7da40a75aaa60a13a7d79dca58d8231fa1c7ea5e29d79377f7e479dd1114e16edae82beb3b4e60e89f787ab06e2753318675e67a5d4aeedd0ada51f2a21991034a0c531ad38109b13a6e407973e4baaa4c45e2750ef0cd27993dcdb580223dbfa288e2d75b00a0cc6d49c8220ec1be1e285069a998bded748abbd7a537e6ec7b2040f100a08eb604321fd171edba89373070df24baece388e0df221eeed8e9b34da5fc3ed84b19dcbc8b80f806d3656e606dc3ff0e75d48795b3be06ec260dbb74a914607fb6d49c6f4f7a596f56a3d348219cd3eb0571a8cd1c46547cff12ff6647df83782314314d49426fe91bc029c964a6b61e0d1aa0e6b63b70a1aeffad4969aff320246a913cd68eb7ce1041c65b26caa784b002c9b55ef4516083559659961648e87785715063b7578e25b3e35927f4021df2c443ccc89efec425668c151d1e22fc24b9427d97a0e2d2766aa6217037a52b12e369f256059358dd71206d97bd40592209e6b4112c5241806b9d9a017ee985bb5a1396ee2f26bd6c06d8f8a13998411fe57684ec9bdf8f906d25a3aa5910e6057b9ac1c6b6d513a3a0baaff444f0a2408e95cc386e2c897f74e41ca00e14cd6c1d5170cfe5140eaa2ad3e27f400c4d6e81ed5c71faf739424c9bf938db4ce445d4dabf834c6e2a359be2ac721b90d93e1864a46153ba909df278413b249b99934c8c1bdde3fb2aa2492f88800cae33da8c2f023f0db6ad71caf80a3c387aea4571a80cef2472eb4b10474da6dd84bc77ed367f96121b557b37622d9aece01a1f3bdc794d9a16b44df3460d85ee4cc6e484f28dcaa43829ff6055181bef851b1a37dfb510589e9bda34e74b2ce6e24b36258b4190205d6b7bfd12e857f5e718ec9901cb2dee3e6723ef4585c6edb937e5a3f98b119e9e4e109e8c4ede1c96e22ffcf051d5de3df82093b731f7c42d92efb7b608013f29bace4eed00916a53e06f6728d39aedef4fc63f166cff7869146e388a9a39f1f3d5ccc953244c28d9c93ae20ca8341731dd26bd6ddbea397bda9b4906f991f43a29b36dcb538c97d67dbdc6f843c78042937a503f1e3d7afce6b26f08189cd6e9ce9011a99d4c801a23086121e3c045fadcba2c3ea11f9db831bee2e1f8874893c98e1e5869e979c9892d1fbb52c5ea8e1b677a9daa0d1e64042e518825bbbc83327576bcabb33c0c59e0856aa8c83a45e729adaabec80e10aa85ac74b543c826afdca1900d16d36a934e00dbea35e281e1c11157a9fea0dd5f9e5eea6482857c631b06486d7ac80aabfc296fc2291063c3b49db3aa6d0018ba9c727a88f2b7b1b362c7b428699cf0407658aa0c0e9498062cefbb84bdd2c375ea551c3affec2f70ba64d918ebe8fd256e81cf79ca5fae60dba5c1f45de469f8afb067f84314a6c14b4b601735fb1f8156350acdaf6708ddc96e1cc0987c39160c539330b2f30ac1085f6de02d5147680304dfd8fdb0e494f963f329dd59cd88a4f5be93ddb77f3c295525777c6b81fd0698a16445f572c96471cbcb847a5307a191c41ca6807b2b0ee0bcd9cea8b7f851bb6d6609b6e6267ba4ff3db86170e7e51087a9b67fe7b6b121b7e6f743f8561b2eb963d9b6b371bf24ee36eb9a8fe181848071fc5138fd18243ff296dfbafd9a7ad737ff993aca576114ce5bc68fef2fefb63a66623963240ab6cf9af21c32f27b278be091538be84a12e10e4be8276501993a2d6b0013043fd7127aa5eab00fec214a283d54525f00e9a005a420e3c9680de01768adbffe67f3a010f3c799f5a0023dd7800cc754037d58dc638d0f390c3e0c0dd921d62cb76ead2aeb5da97e34262d1ea243d0001ecb6c599765b5a18e9e19c9f186b15d4c874051b623076bb19ef3aa0f95a5f9963110b0f8451d470d9233597f1f263630c558635af711ce9ad58b9de914f57c4efff953cb8f6a675ad3093cf285773725414cbdd285784907f347efb05ca2e3f0c3d684b074b738fc2640ac6c804290188dd8b0b424bd013cd7465b8a6d9f78b6ce4d10fbe4e84e23a092f483ccaf41130dc80a682070749a987f74ac4a6310cec97eddaa9ca1df66306b530640302d785729b478df372741ebcf1dae4cc1255be8d6b25704880ef951a4cfa5a16f59a76d646810501c0c382b37f17b2b625db11261a129ae630c7028f4f588346f8f092be6f5cda30367e3184ca1a5df4ec5e73c2b7fed6148ff9a6f251a4e12fe34da37b75557bcd43770076878785162561f41e425bbafd3b8d3a9e10751d0e0f15aad660bd07a9b5351da429a615de99452f05dd49d71036461cb887fa7aa1c54e92f2c4b9a34936e4732d1ba21867eda2b4e1fa58b5b296e079ad1ff6eed85f80968404206ad7a50da606c361f36e4b45be4125203bcc54fc5597ec6d7b67b80348f9df6c8f335a3bb89a949dba947544051c5297b4f0680fc434efe5c62fb85c7b5c0c1d600b7d098ca0a220777ff541caf42c3445a60bca8b2e82055ac65e5654d7eb66c549f03e531503d0a70f8d16d76c92af8007f0cc373919a2ade4f6d1380ac53bd5ba0df33fc088548141db9a2ea3a32def40905011e45b8a1b8e48d9cf9b6d16a9d703520e497636ea071fe1e7a3c5b753a853d45511fd126384fca4abf52d8ec55a573ba108162141825e36eb28ac998dfb3a8915ee71bbc3789a002001b493246ef388a8fe92ac278ab3b205688c3b150d5210c60fcc240d2e4cb626ba0d6c992c7db0dfa44e09414e61b291918398723f587e20dbaeb55456c1579b3476d49148a602550f767dbcc32ca802ee26985325a9077c4c69ccf52e06d958c0f98aff4980d744433ff5aff46ec489e3971368d38b4f6d87677a2490818e2f45ff7e7025b9d94ee0e728df5251bb4b25d7a9a55a3c2a37825d309b9b10cde3581314b687419a442e73ee48dee1e36925e56f05f3b070f9f500fc579419611cb9fb311151c4af0d03bf40563de3f7673ac0ed5f3ab6a86c4b43d04ddfa196c82e34cac9247be687c429afc899600dcab617b875061159bae050a9783a82f0f54a7576c9c4797c0deff8cfb0afd70dd2e8008aa7b458aa7b0a9373cc0ad8672d8acdf808687462875d97413a329030d47915c859c4b9a85ee0295b1750540c99025e9b32376476224a71b493edabf06d788e5de4d79ec2badcf9e12f7211bf9ac797d9d18a1a1c2487ee7234e2d0cbcb5329af4d862a0a74643a2ece0f74f5488e13f1fb1de1315630e95ad87fe63fcf44663b3ad5121f612b5e528097659aa52a8256dd0f95e4c4dc1007d510df25ea45ffc8151e8715df34044a1e013b6d3f7543456a82fd3d11ac25787c5cd5e45548ee40d71d1c4fcd8f191a16a49438cf529196374f6919bd602beaefcaf688f35addb4c2b9e0a31fa166d784cf6aa8188ff1ed7272f9511a4344d1eb53d4a1a4986864b75a148b50697a145df989a6a9300eba61ab0666e3f1318d8adbfcb01ae33221905c3cc984746ffad626d74c35f207db12a1005aa065116aed65973f35359bdc866cb08a549406353d3dfddbf2120bb2bce86047c14d89217bd32427281702bcd733aae02be0abfba07198f785c8bfc2dbcb46f9bec26d7b6d3fb21686dc269631438c020cf4f63db199d7717436190783e0d7672ed7a90b25bd3f6888dbb2e58c760702312ea91535ebfa37f6d3d0ef01a5e5db590f39b44e7cc5b550d688bc28f5c26ac479164a18fddaf52a54b75e6690e65b30a4b7f86c686fef6ea6fc36e06369a09c1aa0c775f098d9e1067f844c145434c1938fbfb666b2d3cdfdfef7d122f3f3461b3fac7604b4f15b9fc979b68bf9219f1fb9c05231e0f0d17a1d5de5185362b237d18f6d3c62b4ee5fbdfb460c42c49dbe1438943634a2024dba7cd1240abb4b010e99a560668c89babc65a10fe8ce7a5d63b6e5043bc0b402acb3671582eb5254c1453c444a51a1e61f0b155ba6223db331d63e40b26d709b810987856395e9d82d74dbc14c5b18e56758cda5b9be5c8eb98a2b5d9a34fa02940def22b3823428c8c88d476cca2020a5947f96922b8a1fa0edf806a7b58b10731e753bb06a3f832e07b3c3620e4364d873ca0a37189badc3fec9ff2d9a49909ff23378b057868f07488fc2031509e10dc93676483e8cbc2275e85516732fe0ce9492c32a3368d5ed9db0e1d3f2491143597ace60059f7b93abf94be90a3a39e0a096d2cbc6b0b829d074f67ab043630044ad5e3200d2de12b15a53b5661fcc1480b536bf52760495a9080ede4d31f42b2cffda75150e8fe2f9ed7a120b24e21f63bfb58b3937e471c1b06eaae4f0b2bd0e6e6d8c76ec83d25c2129045534e407bf6752152aa69dbe180d159ce86f7876a3ba87d013fb0b430aea62f07190b4b1fdc58", 0x2000, &(0x7f0000001880)={&(0x7f00000010c0)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x29, 0x0, 0x20000000}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

995.632514ms ago: executing program 6 (id=4981):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000002c0)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, @in={0x2, 0x4e22, @local}], 0x40)
sendmmsg$inet6(r0, &(0x7f0000000180)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x14004841)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$cgroup_procs(r1, &(0x7f0000000080)='tasks\x00', 0x2, 0x0)
preadv(r3, &(0x7f00000039c0)=[{&(0x7f0000000140)=""/142, 0x8e}], 0x1, 0x4, 0x3)
readv(r2, &(0x7f00000003c0)=[{&(0x7f0000000300)=""/106, 0x6a}], 0x12)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f00000000c0), 0x4)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendmmsg$inet6(r5, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x4, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
r6 = socket$kcm(0x29, 0x4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r7=>r5, {0xffffffffffffffff}}, './file0\x00'})
ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x89e0, &(0x7f0000000400)={r0, r7})
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r9=>0x0}, &(0x7f0000000080)=0x8)
connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e21, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x980}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000000)={r9, 0xb716}, 0x8)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000040)={r9, 0x800}, &(0x7f0000000100)=0x8)
r10 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140), 0x8000, 0x0)
r11 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route_sched(r11, &(0x7f0000006680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001600)=@deltfilter={0x840, 0x2d, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x10, 0xf}, {0xd, 0xffe0}, {0xffe0, 0x1}}, [@filter_kind_options=@f_route={{0xa}, {0x810, 0x2, [@TCA_ROUTE4_POLICE={0x80c, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x32006d63, 0xfffff00a, 0xff, 0x101, 0x8, 0x200, 0xbb, 0x2, 0x3, 0xfffffffb, 0x3f, 0x3, 0x5, 0xfffffff9, 0x0, 0x7, 0x5, 0x7, 0xfffffffa, 0x800, 0x7fff, 0x4, 0x1, 0x1, 0x519f, 0x0, 0x6, 0x0, 0x8, 0x3, 0x1, 0x4, 0x4, 0x5, 0xfffffff7, 0x7fff, 0x1, 0x8, 0x7, 0x3b1f, 0x5, 0x9, 0xb, 0x5, 0x400, 0x4, 0x3, 0xffffffff, 0x8, 0xffffffff, 0x3, 0x68, 0x4, 0x1, 0x7, 0x5, 0x853d642, 0x3, 0x7, 0x8, 0x64b1, 0xf59, 0xa, 0x2, 0x1, 0x4, 0x36, 0x6, 0xa, 0x5, 0x4, 0x7fff, 0x7, 0x10000, 0xa, 0x200, 0x8, 0x9, 0x10, 0x3ff, 0x9, 0x9, 0x70, 0x4, 0xd, 0x1, 0xffffb0d4, 0x2, 0x1ff, 0x7, 0x3, 0x7, 0x1, 0x1, 0x1, 0x3, 0x4, 0xc, 0x8, 0xfffffffa, 0x8aa0, 0xe0f, 0x9, 0x3, 0x1000, 0xffff, 0x10000, 0x8000, 0xd, 0x5, 0xff, 0xf, 0xd0a3, 0x80, 0x7, 0x5b72, 0x0, 0x5, 0xfffffff7, 0x6, 0x7, 0x1ff, 0x5, 0x4, 0x2, 0xb52b, 0x2, 0x3, 0x3ff, 0x1, 0x2dd9, 0x8001, 0x8, 0x5, 0x0, 0x7, 0x81, 0x80000000, 0x3, 0xe8d6, 0xffff, 0xc0eb, 0x6, 0x1, 0x7, 0x4b0, 0x8, 0x3cf1a96c, 0x6, 0x6, 0x80000000, 0x9, 0xfffffcea, 0x9, 0x10000, 0x6ce9, 0x9, 0x4e5, 0x7, 0x369c, 0x3f99, 0xffffffff, 0x4, 0x8, 0x3, 0xff, 0x1, 0x0, 0x5, 0x2, 0x5000000, 0x62, 0x10001, 0xcf8c, 0x3f18476d, 0x1f300220, 0x3, 0x4224, 0x1, 0x1, 0x2, 0x4, 0xfffffff7, 0x80000000, 0x5, 0xe, 0x5, 0x1, 0xdf60da4, 0x3, 0x82d0, 0x6, 0x4, 0x800, 0x100, 0x80000001, 0x6, 0x3, 0x7, 0x80000001, 0x7fffffff, 0x3, 0xffffffff, 0x7, 0x2, 0xfffffffd, 0x4, 0x9, 0x6, 0x0, 0xfffffe00, 0x39, 0x2, 0x8000, 0x80, 0x3, 0x4, 0x9, 0x8, 0x4, 0x3, 0x9, 0x100, 0x7, 0x2, 0x7, 0x2, 0x9, 0x19000000, 0x5, 0x4, 0x9, 0x3, 0x80000000, 0x2, 0x2, 0x7, 0x0, 0x7, 0xfff, 0xc83b, 0x401, 0xe4f0, 0xd09, 0x80000001, 0xfffffff7, 0x7812, 0x80, 0xfffffffc, 0x7, 0x0, 0xfffffffc, 0x81, 0xffff, 0x9]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xfff, 0x0, 0x0, 0xc4e6, 0xfffffc01, 0x459, 0x6, 0x4, 0xc, 0x3, 0x1, 0xde8, 0x4, 0x6, 0x7, 0x2, 0x7, 0x3, 0x2, 0x5, 0x339c04a7, 0x1, 0x9, 0x0, 0x5, 0x4, 0x1, 0x6, 0x5, 0x5, 0x9, 0x9, 0x2, 0x0, 0x80000001, 0x9, 0x84b250eb, 0x2, 0x5, 0x3, 0x4, 0x2f5, 0x10, 0x5, 0x7a4e, 0x5, 0xb9, 0xffffffff, 0x8, 0x8000, 0x8, 0x8, 0xff, 0xff, 0x4, 0x40, 0x7, 0x17, 0x80, 0x3, 0x4, 0x5, 0x7b34, 0x2ce, 0xb8, 0x3ff, 0xb46, 0x4, 0x8, 0x1, 0x2fce, 0x0, 0x5, 0x3, 0x4, 0x8, 0x5, 0x1, 0x0, 0xf, 0x2c8, 0x2, 0xffffffc0, 0x5ed96db, 0x400, 0x7, 0x6, 0x400, 0x1, 0x6, 0x0, 0x5, 0x2, 0x200, 0x1ff, 0x8163, 0x4306ded, 0x1de7, 0x831, 0x5, 0xffffffff, 0x7, 0x5, 0x10000, 0xfffffffc, 0x6cf, 0xf, 0x1, 0x1, 0x401, 0x8000, 0x80, 0xe, 0x6, 0x6, 0x4, 0x7, 0x7fffffff, 0xd5f3, 0x0, 0x14, 0xc23, 0xd, 0x1, 0x3, 0x1, 0x9, 0x8, 0xf, 0x800, 0x1, 0xffff, 0x9, 0xfffffff7, 0x4, 0x6, 0xc3, 0x5, 0x3, 0x2, 0x10000, 0xfff, 0x8, 0x32f4, 0x9, 0x2, 0x4, 0x0, 0xa, 0x5, 0x0, 0x3, 0x8, 0x79a9, 0x8, 0x7, 0x6, 0x3, 0x1, 0x3e91, 0x6, 0x5, 0x6, 0xfffffff9, 0x0, 0x7, 0x5, 0x360c4ca1, 0x5, 0x40f, 0x8, 0x7ff, 0x7, 0x2, 0x1, 0xff, 0x96, 0x1, 0x2, 0xc95af3b, 0x6813, 0x4, 0x9, 0x3f, 0x5, 0x8, 0x7, 0x8, 0x1a74, 0x10000, 0x101, 0x8, 0x2, 0x13, 0x6, 0xff, 0x1, 0x0, 0x4, 0x9, 0xa, 0x7, 0x9, 0xffffff00, 0x9, 0x7, 0x1, 0x0, 0x1, 0x0, 0xfffffff8, 0x1000, 0x100000, 0x80000000, 0xffffffff, 0x80000001, 0x3ed, 0x2, 0xfffffffd, 0x6, 0x0, 0x0, 0xb, 0x5, 0x9, 0xd, 0x8, 0x4, 0x0, 0x1000, 0x4, 0x8, 0x5, 0x2, 0x4, 0x1, 0x0, 0xdcc, 0x7, 0x5, 0x5, 0x2, 0x10, 0x2, 0x217, 0x3ff, 0x200000, 0xd, 0xa990, 0x1, 0x9, 0x4, 0x2932, 0x5dd, 0x1ff, 0xe3]}]}]}}]}, 0x840}, 0x1, 0x0, 0x0, 0x20000814}, 0x8000)
ioctl$mixer_OSS_ALSAEMULVER(r10, 0x80044df9, &(0x7f0000000280))

991.484195ms ago: executing program 5 (id=4982):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000002580)=@security={'security\x00', 0x4, 0x4, 0x538, 0xffffffff, 0x398, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x468, 0x468, 0x468, 0xffffffff, 0x7fffffe, 0x0, {[{{@ipv6={@dev, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'bridge_slave_1\x00', 'geneve0\x00'}, 0x0, 0x130, 0x158, 0x0, {}, [@common=@dst={{0x48}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x158}}}, {{@uncond, 0x0, 0x210, 0x240, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@remote, @private0, @ipv4={'\x00', '\xff\xff', @loopback}, @local, @empty, @dev, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @private2, @loopback, @empty, @dev, @private0, @local, @private2, @private0]}}, @common=@ah={{0x30}, {[], 0x0, 0x0, 0x6}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@private1, @mcast1, [], [], 'geneve1\x00', 'macvlan0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x598)
fsopen(&(0x7f0000001300)='jffs2\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x10100, 0xc)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_qrtr_SIOCGIFADDR(r3, 0x8915, &(0x7f0000001740)={'xfrm0\x00'})
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setuid(r5)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, r5, &(0x7f0000000200)={0x401, 0x8, 0xff, 0x9, 0x400, 0x7ff, 0x7, 0x2, 0x6})
ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0xc0389424, &(0x7f00000001c0)={0x3, 0x28, '\x00', 0x1, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000d00)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_coalesce={0xe, 0x6b, 0x0, 0x6, 0x1, 0x1000, 0x3, 0x5, 0xc03, 0x0, 0x0, 0x0, 0x100, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x1b, 0x1, 0x70bd26, 0x2, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x2}, @typed={0x14, 0x3, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(r7, 0x0, 0x483, &(0x7f00000000c0), &(0x7f0000000140)=0x68)

957.103599ms ago: executing program 5 (id=4983):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000180)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x14004841)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x29, 0x78, &(0x7f00000000c0), 0x4)

866.685362ms ago: executing program 5 (id=4984):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x3f, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0xe0, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xe, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0xb4, 0x2, [@TCA_U32_SEL={0x94, 0x5, {0x7, 0xef, 0x8, 0x8, 0x5, 0x9, 0x7, 0x0, [{0x1000, 0x4, 0x401, 0x6}, {0x8, 0x7, 0x1009, 0x5}, {0xfffffff9, 0x43, 0x7ffd, 0x5}, {0x7fde, 0x40, 0x51, 0x3ff}, {0x5, 0xb, 0x1, 0x42}, {0x6, 0x4, 0x8, 0x8}, {0x8001, 0x0, 0x0, 0x8001}, {0x1, 0x1800000, 0xa525}]}}, @TCA_U32_LINK={0x8}, @TCA_U32_INDEV={0x14, 0x8, 'veth1_to_bond\x00'}]}}]}, 0xe0}, 0x1, 0x0, 0x0, 0x80}, 0x40)

802.60606ms ago: executing program 5 (id=4985):
r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000001880)=@ccm_128={{0x304}, "9da5286b607f017b", "e096ddc6fa70cc51ae3c3266fe891db0", "495ba118", "4fe2b764eb81d7fb"}, 0x28)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f00000002c0)='virtiofs\x00', 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x492492492492846, 0x0)
fcntl$setstatus(r1, 0x4, 0x0)
ppoll(&(0x7f00000000c0)=[{r3, 0x200}], 0x1, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xa2, &(0x7f0000000100)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @generic={{0x20, 0x4, 0x0, 0x6, 0x94, 0x66, 0x0, 0xff, 0x8, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@generic={0x44, 0x3, '^'}, @lsrr={0x83, 0x23, 0xd8, [@broadcast, @remote, @multicast1, @dev={0xac, 0x14, 0x14, 0x3a}, @dev={0xac, 0x14, 0x14, 0x2b}, @multicast1, @remote, @broadcast]}, @lsrr={0x83, 0xf, 0xd9, [@multicast1, @rand_addr=0x64010101, @multicast1]}, @ssrr={0x89, 0x7, 0x48, [@multicast2]}, @ssrr={0x89, 0x1f, 0x93, [@broadcast, @local, @broadcast, @rand_addr=0x64010100, @multicast2, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @rr={0x7, 0xf, 0xae, [@private=0xa010101, @multicast1, @multicast2]}]}}, "b124c37e145d237e38469defe3740b856d7535d0"}}}}, 0x0)
connect$unix(r2, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
connect$nfc_raw(r0, &(0x7f0000000040)={0x27, 0x0, 0xffffffffffffffff, 0x3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCSETD(r4, 0x541b, &(0x7f0000000000))
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x4b0180, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r5, 0x5201)

802.448535ms ago: executing program 4 (id=4986):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000002700)=@raw={'raw\x00', 0x8, 0x3, 0x210, 0x0, 0x8, 0xfa04, 0x0, 0x6c02, 0x178, 0x194, 0x194, 0x178, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @multicast2, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x74020000}, [@common=@unspec=@addrtype1={{0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ip={@multicast2, @dev, 0x0, 0x0, '\x00', 'tunl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x270)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000feffffff850000007100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x8000, 0x0)
read$sequencer(r3, &(0x7f0000000480)=""/98, 0x62)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x500, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x59c}, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7a4, &(0x7f0000000200)={{@host, 0xd3}, 0x0, 0xa, 0x1, 0xfffffffc})

706.284877ms ago: executing program 4 (id=4987):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x24008800}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x5b8, 0x0, &(0x7f0000000240), &(0x7f0000000b80))
r4 = getpid()
shmctl$IPC_SET(0x0, 0x1, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0xee01, 0x0, 0x38, 0x2}, 0xe00000, 0x1, 0x80000001, 0x8, 0x0, r4, 0x4})
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r5, r5, 0x0, 0x40008) (fail_nth: 4)

77.726864ms ago: executing program 6 (id=4989):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0xc4)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='tranfd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',\x00'])
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r3, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

0s ago: executing program 6 (id=4990):
socket$can_bcm(0x1d, 0x2, 0x2)
syz_emit_ethernet(0x2a, &(0x7f0000000740)=ANY=[], 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6)
setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000000000)=0x4, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007ed, &(0x7f0000008400)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000002280)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56561, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x8}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x10, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x2}]}}]}, 0x40}}, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xa89)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={<r6=>0x0, 0x1c, &(0x7f00000022c0)=[@in6={0xa, 0x4e21, 0x445, @private2, 0x7}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_CONTEXT(r5, 0x84, 0x11, &(0x7f0000000100)={r6, 0x5}, 0x8)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f00000002c0)=[@in={0x2, 0x4e23, @remote}], 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000001000001800759187bba5af9fbd3cec869c391e0180140f020067656e45c6653100000000"], 0x34}}, 0x4044)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r8, &(0x7f0000002240)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x1410911}, 0xc, &(0x7f0000002200)={&(0x7f0000002180)={0x18, r9, 0x20, 0x71bd2c, 0x25dfdbff, {}, [@HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x10}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f00000005c0)={0x0, 0x1c, &(0x7f0000000580)=[@in6={0xa, 0x4e20, 0x7, @loopback, 0xa}]}, &(0x7f0000000600)=0x10)
clock_gettime(0x0, &(0x7f00000020c0)={<r10=>0x0, <r11=>0x0})
recvmmsg(r7, &(0x7f0000002000)=[{{&(0x7f0000000080)=@pptp={0x18, 0x2, {0x0, @local}}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000180)=""/164, 0xa4}, {&(0x7f0000000000)=""/60, 0x3c}, {&(0x7f0000000100)=""/35, 0x23}, {&(0x7f0000000240)=""/229, 0xe5}, {&(0x7f0000000340)=""/59, 0x3b}], 0x5}, 0x3}, {{&(0x7f0000000400)=@tipc=@id, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000480)=""/143, 0x8f}, {&(0x7f0000000540)=""/218, 0xda}, {&(0x7f0000000640)=""/141, 0x8d}, {&(0x7f0000000700)=""/158, 0x9e}, {&(0x7f00000007c0)=""/224, 0xe0}, {&(0x7f00000008c0)=""/219, 0xdb}], 0x6}, 0x8}, {{0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000a40)=""/224, 0xe0}, {&(0x7f0000000b40)=""/54, 0x36}, {&(0x7f0000000b80)=""/32, 0x20}, {&(0x7f0000000bc0)=""/13, 0xd}, {&(0x7f0000000c00)=""/233, 0xe9}, {&(0x7f0000000d00)=""/11, 0xb}, {&(0x7f0000000d40)=""/145, 0x91}, {&(0x7f0000000e00)=""/101, 0x65}, {&(0x7f0000000e80)=""/4096, 0x1000}], 0x9, &(0x7f0000001f40)=""/169, 0xa9}, 0x9}], 0x3, 0x100, &(0x7f0000002100)={r10, r11+60000000})
r12 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r12, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5", 0x0, 0xfffffffc}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r12, 0x0, 0xd2, &(0x7f0000000040)={@multicast2, @multicast1, 0x2, "4f6fb4d1af0f724e6118ecd4ac1100843af297baebb0efcdf5a284da144a011a"}, 0x3c)

kernel console output (not intermixed with test programs):

0000001
[  328.216438][T16274] R13: 0000000000000000 R14: 00007fede41a5fa0 R15: 00007ffc58dd5ba8
[  328.216458][T16274]  </TASK>
[  328.222173][T16142] veth0_vlan: entered promiscuous mode
[  328.262824][T16280] netlink: 1624 bytes leftover after parsing attributes in process `syz.5.4001'.
[  328.271239][T16142] veth1_vlan: entered promiscuous mode
[  328.288815][ T5943] Bluetooth: hci0: command tx timeout
[  328.308184][T16142] veth0_macvtap: entered promiscuous mode
[  328.311511][T16142] veth1_macvtap: entered promiscuous mode
[  328.318957][T16142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.322755][T16142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.326280][T16142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.329228][T16142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.332627][T16142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.337580][T16142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.340292][T16142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.343186][T16142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.350463][T16142] batman_adv: batadv0: Interface activated: batadv_slave_0
[  328.357141][T16142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.360133][T16142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.362839][T16142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.366437][T16142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.370151][T16142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.373048][T16142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.375668][T16142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.378596][T16142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.382364][T16142] batman_adv: batadv0: Interface activated: batadv_slave_1
[  328.387361][T16142] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.390062][T16142] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.392523][T16142] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.395342][T16142] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.428664][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.433241][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.444262][   T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.446507][   T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.537262][ T5943] Bluetooth: hci2: command tx timeout
[  328.715161][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.717932][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.725032][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.728036][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.730991][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.733807][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.736635][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.739102][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.741960][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.744787][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.747485][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.750216][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.753103][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.755590][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.758092][ T5979] hid-generic 00A0:000B:0007.0011: unknown main item tag 0x0
[  328.761881][ T5979] hid-generic 00A0:000B:0007.0011: hidraw1: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  328.784544][   T40] audit: type=1400 audit(1742700845.621:730): avc:  denied  { setopt } for  pid=16315 comm="syz.4.4014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  328.802861][T16316] bond2: entered promiscuous mode
[  328.809239][T16316] bond2: entered allmulticast mode
[  328.811377][T16316] 8021q: adding VLAN 0 to HW filter on device bond2
[  328.983359][   T40] audit: type=1400 audit(1742700845.798:731): avc:  denied  { write } for  pid=16339 comm="syz.4.4025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  329.041836][T16348] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  329.044143][T16348] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  329.052910][T16348] vhci_hcd vhci_hcd.0: Device attached
[  329.058910][T16348] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(6)
[  329.060765][T16348] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  329.064063][T16348] vhci_hcd vhci_hcd.0: Device attached
[  329.071780][T16349] vhci_hcd: cannot find a urb of seqnum 169 max seqnum 0
[  329.074469][T16353] vhci_hcd: connection closed
[  329.079016][   T12] vhci_hcd: stop threads
[  329.081577][   T12] vhci_hcd: release socket
[  329.083208][T16360] FAULT_INJECTION: forcing a failure.
[  329.083208][T16360] name failslab, interval 1, probability 0, space 0, times 0
[  329.083225][T16360] CPU: 2 UID: 0 PID: 16360 Comm: syz.6.4031 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  329.083238][T16360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  329.083246][T16360] Call Trace:
[  329.083258][T16360]  <TASK>
[  329.083262][T16360]  dump_stack_lvl+0x16c/0x1f0
[  329.083294][T16360]  should_fail_ex+0x50a/0x650
[  329.083317][T16360]  ? fs_reclaim_acquire+0xae/0x150
[  329.083334][T16360]  should_failslab+0xc2/0x120
[  329.083346][T16360]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  329.083358][T16360]  ? __alloc_skb+0x2b1/0x380
[  329.083375][T16360]  __alloc_skb+0x2b1/0x380
[  329.083390][T16360]  ? __pfx___alloc_skb+0x10/0x10
[  329.083405][T16360]  ? find_held_lock+0x2d/0x110
[  329.083418][T16360]  ? __might_fault+0x13b/0x190
[  329.083432][T16360]  alloc_skb_with_frags+0xe4/0x850
[  329.083444][T16360]  ? __might_fault+0xe3/0x190
[  329.083458][T16360]  sock_alloc_send_pskb+0x7f1/0x980
[  329.083474][T16360]  ? _copy_from_iter+0x15e/0x1560
[  329.083488][T16360]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  329.083505][T16360]  ? lock_acquire+0x2f/0xb0
[  329.083519][T16360]  ? dev_get_by_index+0x37/0x380
[  329.083537][T16360]  packet_sendmsg+0x1ffa/0x5750
[  329.083562][T16360]  ? sock_has_perm+0x25a/0x2f0
[  329.083575][T16360]  ? __pfx_sock_has_perm+0x10/0x10
[  329.083589][T16360]  ? __pfx_packet_sendmsg+0x10/0x10
[  329.083611][T16360]  __sys_sendto+0x488/0x4f0
[  329.083626][T16360]  ? __pfx___sys_sendto+0x10/0x10
[  329.083650][T16360]  ? ksys_write+0x1ba/0x250
[  329.083663][T16360]  ? __pfx_ksys_write+0x10/0x10
[  329.083679][T16360]  __x64_sys_sendto+0xe0/0x1c0
[  329.083696][T16360]  ? do_syscall_64+0x91/0x250
[  329.083717][T16360]  ? lockdep_hardirqs_on+0x7c/0x110
[  329.083736][T16360]  do_syscall_64+0xcd/0x250
[  329.083756][T16360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.083781][T16360] RIP: 0033:0x7fc20518d169
[  329.083795][T16360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.083809][T16360] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  329.083825][T16360] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  329.083835][T16360] RDX: 000000000000e90c RSI: 00002000000000c0 RDI: 0000000000000003
[  329.083845][T16360] RBP: 00007fc206038090 R08: 0000200000000540 R09: 0000000000000014
[  329.083855][T16360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.083865][T16360] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  329.083885][T16360]  </TASK>
[  329.156219][   T12] vhci_hcd: disconnect device
[  329.160365][   T12] vhci_hcd: stop threads
[  329.161637][   T12] vhci_hcd: release socket
[  329.162905][   T12] vhci_hcd: disconnect device
[  329.391218][T16379] overlayfs: failed to clone upperpath
[  329.487051][T16383] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4041'.
[  329.489886][T16383] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4041'.
[  329.492395][T16383] netlink: 'syz.7.4041': attribute type 13 has an invalid length.
[  329.677508][T16399] jfs: Unknown parameter 'usrquotaeo#'
[  329.727066][T16405] fuse: Bad value for 'fd'
[  329.902420][T16428] fuse: Bad value for 'fd'
[  330.364271][T16498] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  330.366230][T16498] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  330.371627][T16498] vhci_hcd vhci_hcd.0: Device attached
[  330.374816][T16498] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(6)
[  330.376664][T16498] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  330.379664][T16498] vhci_hcd vhci_hcd.0: Device attached
[  330.381719][T16499] vhci_hcd: cannot find a urb of seqnum 169 max seqnum 0
[  330.384086][T16501] vhci_hcd: connection closed
[  330.384179][ T9096] vhci_hcd: stop threads
[  330.387006][ T9096] vhci_hcd: release socket
[  330.388268][ T9096] vhci_hcd: disconnect device
[  330.389703][ T9096] vhci_hcd: stop threads
[  330.390903][ T9096] vhci_hcd: release socket
[  330.392162][ T9096] vhci_hcd: disconnect device
[  330.760921][ T5943] Bluetooth: hci2: command tx timeout
[  331.016102][   T31] libceph: connect (1)[c::]:6789 error -101
[  331.018097][   T31] libceph: mon0 (1)[c::]:6789 connect error
[  331.269017][T16526] input: syz0 as /devices/virtual/input/input84
[  331.271386][T16526] input: failed to attach handler leds to device input84, error: -6
[  331.296589][   T31] libceph: connect (1)[c::]:6789 error -101
[  331.300879][   T31] libceph: mon0 (1)[c::]:6789 connect error
[  331.843495][   T31] libceph: connect (1)[c::]:6789 error -101
[  331.845331][   T31] libceph: mon0 (1)[c::]:6789 connect error
[  331.902166][T16510] ceph: No mds server is up or the cluster is laggy
[  331.961913][T16548] tmpfs: Unknown parameter 'usrquotaËc«:8t
¡’A•˜–PÜEÈ}U¥*(¸ðz'
[  332.312618][T16570] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  332.320574][T16570] kvm: pic: non byte read
[  332.323296][T16570] kvm: pic: level sensitive irq not supported
[  332.323640][T16570] kvm: pic: non byte read
[  332.327995][T16570] kvm: pic: level sensitive irq not supported
[  332.328301][T16570] kvm: pic: non byte read
[  332.332599][T16570] kvm: pic: level sensitive irq not supported
[  332.332868][T16570] kvm: pic: non byte read
[  332.338447][T16570] kvm: pic: level sensitive irq not supported
[  332.338868][T16570] kvm: pic: non byte read
[  332.342718][T16570] kvm: pic: level sensitive irq not supported
[  332.343184][T16570] kvm: pic: non byte read
[  332.347368][T16570] kvm: pic: level sensitive irq not supported
[  332.347624][T16570] kvm: pic: non byte read
[  332.351608][T16570] kvm: pic: level sensitive irq not supported
[  332.351882][T16570] kvm: pic: non byte read
[  332.356135][T16570] kvm: pic: level sensitive irq not supported
[  332.356393][T16570] kvm: pic: non byte read
[  332.360482][T16570] kvm: pic: level sensitive irq not supported
[  332.360903][T16570] kvm: pic: non byte read
[  332.365306][T16570] kvm: pic: level sensitive irq not supported
[  332.437146][T16574] netlink: 1752 bytes leftover after parsing attributes in process `syz.6.4114'.
[  332.501259][T16582] FAULT_INJECTION: forcing a failure.
[  332.501259][T16582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.505132][T16582] CPU: 0 UID: 0 PID: 16582 Comm: syz.6.4118 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  332.505154][T16582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  332.505165][T16582] Call Trace:
[  332.505170][T16582]  <TASK>
[  332.505177][T16582]  dump_stack_lvl+0x16c/0x1f0
[  332.505205][T16582]  should_fail_ex+0x50a/0x650
[  332.505235][T16582]  _copy_from_user+0x2e/0xd0
[  332.505254][T16582]  kvm_vm_ioctl+0x9fe/0x3d70
[  332.505283][T16582]  ? __pfx_mark_lock+0x10/0x10
[  332.505311][T16582]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  332.505346][T16582]  ? find_held_lock+0x2d/0x110
[  332.505368][T16582]  ? tomoyo_path_number_perm+0x298/0x590
[  332.505391][T16582]  ? __pfx_lock_release+0x10/0x10
[  332.505417][T16582]  ? tomoyo_path_number_perm+0x46d/0x590
[  332.505443][T16582]  ? tomoyo_path_number_perm+0x190/0x590
[  332.505466][T16582]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  332.505487][T16582]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  332.505515][T16582]  ? do_vfs_ioctl+0x513/0x1990
[  332.505540][T16582]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  332.505570][T16582]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  332.505599][T16582]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  332.505630][T16582]  ? __pfx_lock_release+0x10/0x10
[  332.505663][T16582]  ? selinux_file_ioctl+0x180/0x270
[  332.505688][T16582]  ? selinux_file_ioctl+0xb4/0x270
[  332.505715][T16582]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  332.505741][T16582]  __x64_sys_ioctl+0x190/0x200
[  332.505765][T16582]  do_syscall_64+0xcd/0x250
[  332.505792][T16582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.505815][T16582] RIP: 0033:0x7fc20518d169
[  332.505829][T16582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.505846][T16582] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  332.505863][T16582] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  332.505874][T16582] RDX: 0000200000000380 RSI: 00000000c008ae67 RDI: 0000000000000004
[  332.505884][T16582] RBP: 00007fc206038090 R08: 0000000000000000 R09: 0000000000000000
[  332.505895][T16582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.505905][T16582] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  332.505927][T16582]  </TASK>
[  332.696245][T16588] netlink: 'syz.6.4121': attribute type 72 has an invalid length.
[  332.733579][T16591] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4120'.
[  332.753410][T16591] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4120'.
[  332.793975][T16596] netlink: 1752 bytes leftover after parsing attributes in process `syz.7.4125'.
[  332.884207][T16605] virtio-fs: tag <(null)> not found
[  332.928843][T16612] loop6: detected capacity change from 0 to 63
[  332.934559][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0
[  332.937353][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  332.939844][    C1] buffer_io_error: 12 callbacks suppressed
[  332.939852][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  332.948439][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  332.951971][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  332.983398][   T40] audit: type=1400 audit(1742700849.540:732): avc:  denied  { ioctl } for  pid=16615 comm="syz.6.4134" path="socket:[68804]" dev="sockfs" ino=68804 ioctlcmd=0x8941 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  332.995316][ T5943] Bluetooth: hci2: command tx timeout
[  333.034441][T16620] netlink: 1752 bytes leftover after parsing attributes in process `syz.6.4136'.
[  333.199115][T16637] netlink: 'syz.6.4143': attribute type 72 has an invalid length.
[  333.497755][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  333.517206][T16651] FAULT_INJECTION: forcing a failure.
[  333.517206][T16651] name failslab, interval 1, probability 0, space 0, times 0
[  333.520945][T16651] CPU: 1 UID: 0 PID: 16651 Comm: syz.5.4148 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  333.520986][T16651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  333.520994][T16651] Call Trace:
[  333.520998][T16651]  <TASK>
[  333.521002][T16651]  dump_stack_lvl+0x16c/0x1f0
[  333.521022][T16651]  should_fail_ex+0x50a/0x650
[  333.521043][T16651]  ? fs_reclaim_acquire+0xae/0x150
[  333.521059][T16651]  ? copy_splice_read+0x1a8/0xb80
[  333.521074][T16651]  should_failslab+0xc2/0x120
[  333.521086][T16651]  __kmalloc_noprof+0xcb/0x510
[  333.521100][T16651]  copy_splice_read+0x1a8/0xb80
[  333.521116][T16651]  ? look_up_lock_class+0x6b/0x150
[  333.521131][T16651]  ? __pfx_copy_splice_read+0x10/0x10
[  333.521148][T16651]  ? __pfx_register_lock_class+0x10/0x10
[  333.521169][T16651]  ? __pfx_filemap_splice_read+0x10/0x10
[  333.521180][T16651]  do_splice_read+0x2bd/0x370
[  333.521196][T16651]  splice_direct_to_actor+0x2a4/0xa40
[  333.521212][T16651]  ? __pfx_direct_splice_actor+0x10/0x10
[  333.521230][T16651]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  333.521247][T16651]  ? __pfx___might_resched+0x10/0x10
[  333.521266][T16651]  do_splice_direct+0x178/0x250
[  333.521282][T16651]  ? __pfx_do_splice_direct+0x10/0x10
[  333.521298][T16651]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  333.521313][T16651]  ? bpf_lsm_file_permission+0x9/0x10
[  333.521325][T16651]  ? security_file_permission+0x71/0x210
[  333.521342][T16651]  ? rw_verify_area+0xcf/0x680
[  333.521357][T16651]  do_sendfile+0xafb/0xe40
[  333.521374][T16651]  ? __pfx_do_sendfile+0x10/0x10
[  333.521390][T16651]  ? __fget_files+0x206/0x3a0
[  333.521403][T16651]  __x64_sys_sendfile64+0x1da/0x220
[  333.521415][T16651]  ? ksys_write+0x1ba/0x250
[  333.521424][T16651]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  333.521440][T16651]  do_syscall_64+0xcd/0x250
[  333.521456][T16651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.521471][T16651] RIP: 0033:0x7fede3f8d169
[  333.521480][T16651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.521490][T16651] RSP: 002b:00007fede4e27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  333.521501][T16651] RAX: ffffffffffffffda RBX: 00007fede41a6160 RCX: 00007fede3f8d169
[  333.521508][T16651] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  333.521517][T16651] RBP: 00007fede4e27090 R08: 0000000000000000 R09: 0000000000000000
[  333.521527][T16651] R10: 0000000000040008 R11: 0000000000000246 R12: 0000000000000001
[  333.521537][T16651] R13: 0000000000000000 R14: 00007fede41a6160 R15: 00007ffc58dd5ba8
[  333.521558][T16651]  </TASK>
[  333.969782][T16672] overlayfs: statfs failed on './file0'
[  334.145557][T16685] netlink: 1752 bytes leftover after parsing attributes in process `syz.6.4165'.
[  334.595536][T16705] FAULT_INJECTION: forcing a failure.
[  334.595536][T16705] name failslab, interval 1, probability 0, space 0, times 0
[  334.600465][T16705] CPU: 0 UID: 0 PID: 16705 Comm: syz.5.4173 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  334.600485][T16705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  334.600495][T16705] Call Trace:
[  334.600501][T16705]  <TASK>
[  334.600507][T16705]  dump_stack_lvl+0x16c/0x1f0
[  334.600537][T16705]  should_fail_ex+0x50a/0x650
[  334.600569][T16705]  should_failslab+0xc2/0x120
[  334.600590][T16705]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  334.600607][T16705]  ? __lock_acquire+0x15a9/0x3c40
[  334.600629][T16705]  ? __alloc_skb+0x2b1/0x380
[  334.600654][T16705]  __alloc_skb+0x2b1/0x380
[  334.600673][T16705]  ? __pfx___alloc_skb+0x10/0x10
[  334.600693][T16705]  ? __pfx_hlock_class+0x10/0x10
[  334.600709][T16705]  ? __pfx___lock_acquire+0x10/0x10
[  334.600734][T16705]  _sctp_make_chunk+0x51/0x270
[  334.600752][T16705]  sctp_make_control+0x2f/0x2d0
[  334.600768][T16705]  sctp_make_strreset_tsnreq+0x85/0x180
[  334.600788][T16705]  ? __pfx_sctp_make_strreset_tsnreq+0x10/0x10
[  334.600810][T16705]  ? sctp_setsockopt+0x54e/0xb810
[  334.600834][T16705]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  334.600853][T16705]  sctp_send_reset_assoc+0x12f/0x570
[  334.600879][T16705]  sctp_setsockopt+0x1011/0xb810
[  334.600903][T16705]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  334.600929][T16705]  ? __pfx_sctp_setsockopt+0x10/0x10
[  334.600994][T16705]  ? selinux_socket_setsockopt+0x6a/0x80
[  334.601013][T16705]  ? sock_common_setsockopt+0x2e/0xf0
[  334.601032][T16705]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  334.601049][T16705]  do_sock_setsockopt+0x222/0x480
[  334.601066][T16705]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  334.601083][T16705]  ? lock_acquire+0x2f/0xb0
[  334.601116][T16705]  __sys_setsockopt+0x1a0/0x230
[  334.601143][T16705]  __x64_sys_setsockopt+0xbd/0x160
[  334.601166][T16705]  ? do_syscall_64+0x91/0x250
[  334.601189][T16705]  ? lockdep_hardirqs_on+0x7c/0x110
[  334.601210][T16705]  do_syscall_64+0xcd/0x250
[  334.601234][T16705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.601256][T16705] RIP: 0033:0x7fede3f8d169
[  334.601270][T16705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.601286][T16705] RSP: 002b:00007fede4e69038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  334.601303][T16705] RAX: ffffffffffffffda RBX: 00007fede41a5fa0 RCX: 00007fede3f8d169
[  334.601314][T16705] RDX: 0000000000000078 RSI: 0000000000000084 RDI: 0000000000000003
[  334.601324][T16705] RBP: 00007fede4e69090 R08: 0000000000000004 R09: 0000000000000000
[  334.601334][T16705] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  334.601345][T16705] R13: 0000000000000000 R14: 00007fede41a5fa0 R15: 00007ffc58dd5ba8
[  334.601369][T16705]  </TASK>
[  335.359514][T16778] FAULT_INJECTION: forcing a failure.
[  335.359514][T16778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.363141][T16778] CPU: 3 UID: 0 PID: 16778 Comm: syz.4.4204 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  335.363156][T16778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  335.363163][T16778] Call Trace:
[  335.363167][T16778]  <TASK>
[  335.363171][T16778]  dump_stack_lvl+0x16c/0x1f0
[  335.363190][T16778]  should_fail_ex+0x50a/0x650
[  335.363209][T16778]  _copy_from_user+0x2e/0xd0
[  335.363220][T16778]  do_pagemap_scan+0xc4/0xcd0
[  335.363236][T16778]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  335.363252][T16778]  ? __pfx_do_pagemap_scan+0x10/0x10
[  335.363269][T16778]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  335.363287][T16778]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  335.363305][T16778]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  335.363330][T16778]  ? selinux_file_ioctl+0x180/0x270
[  335.363346][T16778]  ? selinux_file_ioctl+0xb4/0x270
[  335.363364][T16778]  do_pagemap_cmd+0x58/0x80
[  335.363379][T16778]  ? __pfx_do_pagemap_cmd+0x10/0x10
[  335.363394][T16778]  __x64_sys_ioctl+0x190/0x200
[  335.363410][T16778]  do_syscall_64+0xcd/0x250
[  335.363426][T16778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.363442][T16778] RIP: 0033:0x7fa64b78d169
[  335.363450][T16778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.363461][T16778] RSP: 002b:00007fa6495f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  335.363471][T16778] RAX: ffffffffffffffda RBX: 00007fa64b9a5fa0 RCX: 00007fa64b78d169
[  335.363478][T16778] RDX: 00002000000001c0 RSI: 00000000c0606610 RDI: 0000000000000003
[  335.363484][T16778] RBP: 00007fa6495f6090 R08: 0000000000000000 R09: 0000000000000000
[  335.363490][T16778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.363496][T16778] R13: 0000000000000000 R14: 00007fa64b9a5fa0 R15: 00007ffe5c1bb678
[  335.363508][T16778]  </TASK>
[  335.374843][   T40] audit: type=1326 audit(1742700851.776:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16779 comm="syz.7.4205" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9592b8d169 code=0x0
[  335.612139][   T40] audit: type=1400 audit(1742700852.000:734): avc:  denied  { accept } for  pid=16800 comm="syz.6.4214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  335.634982][   T40] audit: type=1326 audit(1742700852.019:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16802 comm="syz.4.4215" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa64b78d169 code=0x0
[  335.960518][T16823] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  335.963634][T16823] FAULT_INJECTION: forcing a failure.
[  335.963634][T16823] name failslab, interval 1, probability 0, space 0, times 0
[  335.969443][T16823] CPU: 3 UID: 0 PID: 16823 Comm: syz.5.4223 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  335.969468][T16823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  335.969475][T16823] Call Trace:
[  335.969486][T16823]  <TASK>
[  335.969491][T16823]  dump_stack_lvl+0x16c/0x1f0
[  335.969526][T16823]  should_fail_ex+0x50a/0x650
[  335.969564][T16823]  ? fs_reclaim_acquire+0xae/0x150
[  335.969581][T16823]  ? vhost_task_create+0xe6/0x2e0
[  335.969595][T16823]  should_failslab+0xc2/0x120
[  335.969607][T16823]  __kmalloc_cache_noprof+0x68/0x410
[  335.969625][T16823]  ? rcu_is_watching+0x12/0xc0
[  335.969637][T16823]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  335.969654][T16823]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  335.969666][T16823]  vhost_task_create+0xe6/0x2e0
[  335.969679][T16823]  ? __pfx_vhost_task_create+0x10/0x10
[  335.969692][T16823]  ? kvm_mmu_post_init_vm+0xb4/0x370
[  335.969709][T16823]  ? __pfx_vhost_task_fn+0x10/0x10
[  335.969723][T16823]  ? lock_acquire.part.0+0x11b/0x380
[  335.969739][T16823]  ? find_held_lock+0x2d/0x110
[  335.969754][T16823]  kvm_mmu_post_init_vm+0x1b7/0x370
[  335.969768][T16823]  kvm_arch_vcpu_ioctl_run+0x66/0x17f0
[  335.969781][T16823]  ? lock_acquire+0x2f/0xb0
[  335.969794][T16823]  ? kvm_vcpu_ioctl+0x14be/0x16b0
[  335.969809][T16823]  kvm_vcpu_ioctl+0x5ea/0x16b0
[  335.969823][T16823]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  335.969840][T16823]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  335.969859][T16823]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  335.969878][T16823]  ? __pfx_lock_release+0x10/0x10
[  335.969898][T16823]  ? selinux_file_ioctl+0x180/0x270
[  335.969914][T16823]  ? selinux_file_ioctl+0xb4/0x270
[  335.969931][T16823]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  335.969944][T16823]  __x64_sys_ioctl+0x190/0x200
[  335.969964][T16823]  do_syscall_64+0xcd/0x250
[  335.969980][T16823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.969995][T16823] RIP: 0033:0x7fede3f8d169
[  335.970004][T16823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.970014][T16823] RSP: 002b:00007fede4e69038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  335.970025][T16823] RAX: ffffffffffffffda RBX: 00007fede41a5fa0 RCX: 00007fede3f8d169
[  335.970031][T16823] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000b
[  335.970037][T16823] RBP: 00007fede4e69090 R08: 0000000000000000 R09: 0000000000000000
[  335.970044][T16823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.970050][T16823] R13: 0000000000000000 R14: 00007fede41a5fa0 R15: 00007ffc58dd5ba8
[  335.970062][T16823]  </TASK>
[  336.219519][T16831] IPVS: ovf: UDP 127.0.0.1:19999 - no destination available
[  336.219555][   T36] IPVS: starting estimator thread 0...
[  336.257780][   T40] audit: type=1400 audit(1742700852.608:736): avc:  denied  { shutdown } for  pid=16835 comm="syz.4.4228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  336.303199][T16842] 9pnet_fd: Insufficient options for proto=fd
[  336.320185][T16832] IPVS: using max 37 ests per chain, 88800 per kthread
[  336.396068][T16853] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4234'.
[  336.466656][T16861] FAULT_INJECTION: forcing a failure.
[  336.466656][T16861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.470647][T16861] CPU: 3 UID: 0 PID: 16861 Comm: syz.6.4238 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  336.470669][T16861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  336.470679][T16861] Call Trace:
[  336.470684][T16861]  <TASK>
[  336.470691][T16861]  dump_stack_lvl+0x16c/0x1f0
[  336.470718][T16861]  should_fail_ex+0x50a/0x650
[  336.470746][T16861]  _copy_from_user+0x2e/0xd0
[  336.470766][T16861]  ____sys_sendmsg+0x590/0xc90
[  336.470789][T16861]  ? __pfx_____sys_sendmsg+0x10/0x10
[  336.470821][T16861]  ___sys_sendmsg+0x135/0x1e0
[  336.470848][T16861]  ? __pfx____sys_sendmsg+0x10/0x10
[  336.470882][T16861]  ? __pfx_lock_release+0x10/0x10
[  336.470904][T16861]  ? trace_lock_acquire+0x14e/0x1f0
[  336.470924][T16861]  ? __fget_files+0x206/0x3a0
[  336.470938][T16861]  __sys_sendmsg+0x16e/0x220
[  336.470955][T16861]  ? __pfx___sys_sendmsg+0x10/0x10
[  336.470984][T16861]  do_syscall_64+0xcd/0x250
[  336.471001][T16861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.471016][T16861] RIP: 0033:0x7fc20518d169
[  336.471025][T16861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.471036][T16861] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  336.471046][T16861] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  336.471053][T16861] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  336.471059][T16861] RBP: 00007fc206038090 R08: 0000000000000000 R09: 0000000000000000
[  336.471065][T16861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.471071][T16861] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  336.471083][T16861]  </TASK>
[  336.600626][T16872] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4243'.
[  336.664464][T16879] netlink: 'syz.5.4246': attribute type 23 has an invalid length.
[  336.812748][T16891] netlink: 1624 bytes leftover after parsing attributes in process `syz.6.4253'.
[  336.977915][T16907] netlink: 1688 bytes leftover after parsing attributes in process `syz.5.4258'.
[  337.069558][T16917] FAULT_INJECTION: forcing a failure.
[  337.069558][T16917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.073454][T16917] CPU: 0 UID: 0 PID: 16917 Comm: syz.6.4261 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  337.073468][T16917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  337.073476][T16917] Call Trace:
[  337.073479][T16917]  <TASK>
[  337.073484][T16917]  dump_stack_lvl+0x16c/0x1f0
[  337.073504][T16917]  should_fail_ex+0x50a/0x650
[  337.073523][T16917]  _copy_from_user+0x2e/0xd0
[  337.073535][T16917]  ? __pfx_do_get_msr+0x10/0x10
[  337.073551][T16917]  msr_io+0x94/0x290
[  337.073561][T16917]  ? rcu_is_watching+0x12/0xc0
[  337.073574][T16917]  ? __pfx_msr_io+0x10/0x10
[  337.073584][T16917]  ? unwind_get_return_address+0x59/0xa0
[  337.073601][T16917]  ? kvm_arch_vcpu_ioctl+0x2004/0x5050
[  337.073614][T16917]  ? lock_acquire+0x2f/0xb0
[  337.073628][T16917]  ? kvm_arch_vcpu_ioctl+0x2004/0x5050
[  337.073640][T16917]  kvm_arch_vcpu_ioctl+0x2021/0x5050
[  337.073651][T16917]  ? kvm_arch_vcpu_ioctl+0x2004/0x5050
[  337.073663][T16917]  ? hlock_class+0x4e/0x130
[  337.073674][T16917]  ? __lock_acquire+0x15a9/0x3c40
[  337.073689][T16917]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  337.073703][T16917]  ? kasan_save_track+0x14/0x30
[  337.073713][T16917]  ? __kasan_slab_free+0x51/0x70
[  337.073724][T16917]  ? __pfx___lock_acquire+0x10/0x10
[  337.073738][T16917]  ? __x64_sys_ioctl+0xb7/0x200
[  337.073756][T16917]  ? do_syscall_64+0xcd/0x250
[  337.073770][T16917]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.073786][T16917]  ? hlock_class+0x4e/0x130
[  337.073798][T16917]  ? lock_acquire.part.0+0x11b/0x380
[  337.073816][T16917]  ? __mutex_trylock_common+0xea/0x250
[  337.073832][T16917]  ? __pfx___mutex_trylock_common+0x10/0x10
[  337.073847][T16917]  ? kvm_vcpu_ioctl+0x27f/0x16b0
[  337.073861][T16917]  ? rcu_is_watching+0x12/0xc0
[  337.073872][T16917]  ? trace_contention_end+0xee/0x140
[  337.073888][T16917]  ? __mutex_lock+0x1cc/0xb10
[  337.073904][T16917]  ? kvm_vcpu_ioctl+0x27f/0x16b0
[  337.073915][T16917]  ? tomoyo_path_number_perm+0x298/0x590
[  337.073930][T16917]  ? __pfx___mutex_lock+0x10/0x10
[  337.073949][T16917]  ? tomoyo_path_number_perm+0x190/0x590
[  337.073965][T16917]  ? kvm_vcpu_ioctl+0x1258/0x16b0
[  337.073976][T16917]  kvm_vcpu_ioctl+0x1258/0x16b0
[  337.073990][T16917]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  337.074007][T16917]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  337.074025][T16917]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  337.074044][T16917]  ? __pfx_lock_release+0x10/0x10
[  337.074064][T16917]  ? selinux_file_ioctl+0x180/0x270
[  337.074080][T16917]  ? selinux_file_ioctl+0xb4/0x270
[  337.074097][T16917]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  337.074110][T16917]  __x64_sys_ioctl+0x190/0x200
[  337.074126][T16917]  do_syscall_64+0xcd/0x250
[  337.074142][T16917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.074156][T16917] RIP: 0033:0x7fc20518d169
[  337.074166][T16917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.074176][T16917] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  337.074186][T16917] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  337.074193][T16917] RDX: 0000200000000180 RSI: 00000000c008ae88 RDI: 0000000000000005
[  337.074199][T16917] RBP: 00007fc206038090 R08: 0000000000000000 R09: 0000000000000000
[  337.074205][T16917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.074211][T16917] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  337.074224][T16917]  </TASK>
[  337.139334][T16911] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  337.256121][T16923] team0: Port device team_slave_1 removed
[  337.554952][T16962] pim6reg: entered allmulticast mode
[  337.557409][T16962] pim6reg: left allmulticast mode
[  337.821650][T16996] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=16996 comm=syz.7.4283
[  338.242400][T17027] __nla_validate_parse: 3 callbacks suppressed
[  338.242433][T17027] netlink: 830 bytes leftover after parsing attributes in process `syz.7.4296'.
[  338.439657][ T5949] Bluetooth: hci0: unexpected event 0x01 length: 4 > 1
[  338.468975][ T5949] Bluetooth: hci3: command 0x1003 tx timeout
[  338.473313][ T5943] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  338.567332][T17052] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4308'.
[  338.622579][   T40] audit: type=1400 audit(1742700854.816:737): avc:  denied  { read } for  pid=17054 comm="syz.4.4309" path="socket:[70034]" dev="sockfs" ino=70034 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  338.629829][T17056] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1 sclass=netlink_tcpdiag_socket pid=17056 comm=syz.4.4309
[  338.640515][T17065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17065 comm=syz.7.4310
[  338.725730][T17075] lo: entered allmulticast mode
[  338.728579][T17075] tunl0: entered allmulticast mode
[  338.731354][T17075] gre0: entered allmulticast mode
[  338.738347][T17075] gretap0: entered allmulticast mode
[  338.742580][T17075] erspan0: entered allmulticast mode
[  338.746807][T17075] ip_vti0: entered allmulticast mode
[  338.750296][T17075] ip6_vti0: entered allmulticast mode
[  338.754298][T17075] sit0: entered allmulticast mode
[  338.759366][T17075] ip6tnl0: entered allmulticast mode
[  338.763456][T17075] ip6gre0: entered allmulticast mode
[  338.770892][T17075] ip6gretap0: entered allmulticast mode
[  338.773829][T17075] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.775945][T17075] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.778183][T17075] bridge0: entered allmulticast mode
[  338.781209][T17075] vcan0: entered allmulticast mode
[  338.783129][T17075] bond0: entered allmulticast mode
[  338.784579][T17075] bond_slave_0: entered allmulticast mode
[  338.786209][T17075] bond_slave_1: entered allmulticast mode
[  338.791773][T17075] team0: entered allmulticast mode
[  338.793447][T17075] team_slave_0: entered allmulticast mode
[  338.795037][T17075] team_slave_1: entered allmulticast mode
[  338.797936][T17075] dummy0: entered allmulticast mode
[  338.803882][T17075] nlmon0: entered allmulticast mode
[  338.807054][T17075] caif0: entered allmulticast mode
[  338.809534][T17075] batadv0: entered allmulticast mode
[  338.814875][T17075] vxcan0: entered allmulticast mode
[  338.817726][T17075] vxcan1: entered allmulticast mode
[  338.821791][T17075] veth0: entered allmulticast mode
[  338.827085][T17075] veth1: entered allmulticast mode
[  338.831492][T17075] wg0: entered allmulticast mode
[  338.836329][T17075] wg1: entered allmulticast mode
[  338.840176][T17075] wg2: left promiscuous mode
[  338.844539][T17075] veth0_to_bridge: entered allmulticast mode
[  338.857161][T17075] veth1_to_bridge: entered allmulticast mode
[  338.864085][T17075] veth0_to_bond: entered allmulticast mode
[  338.870163][T17075] veth1_to_bond: entered allmulticast mode
[  338.876329][T17075] veth0_to_team: entered allmulticast mode
[  338.884169][T17075] veth1_to_team: entered allmulticast mode
[  338.891943][T17075] veth0_to_batadv: entered allmulticast mode
[  338.895720][T17075] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.900424][T17075] batadv_slave_0: entered allmulticast mode
[  338.905458][T17075] veth1_to_batadv: entered allmulticast mode
[  338.909250][T17075] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.913563][T17075] batadv_slave_1: entered allmulticast mode
[  338.917548][T17075] xfrm0: entered allmulticast mode
[  338.922627][T17075] veth0_to_hsr: entered allmulticast mode
[  338.927565][T17075] hsr_slave_0: entered allmulticast mode
[  338.932084][T17075] veth1_to_hsr: entered allmulticast mode
[  338.935930][T17075] hsr_slave_1: entered allmulticast mode
[  338.939487][T17075] hsr0: entered allmulticast mode
[  338.943994][T17075] veth1_virt_wifi: entered allmulticast mode
[  338.949046][T17075] veth0_virt_wifi: entered allmulticast mode
[  338.954949][T17075] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  338.959156][T17075] veth1_vlan: entered allmulticast mode
[  338.964362][T17075] veth0_vlan: entered allmulticast mode
[  338.971397][T17075] vlan0: entered allmulticast mode
[  338.973544][T17075] vlan1: entered allmulticast mode
[  338.976777][T17075] macvlan0: entered allmulticast mode
[  338.980779][T17075] macvlan1: entered allmulticast mode
[  338.983760][T17075] ipvlan0: entered allmulticast mode
[  338.985300][T17075] ipvlan1: entered allmulticast mode
[  338.987742][T17075] veth1_macvtap: entered allmulticast mode
[  338.991104][T17075] veth0_macvtap: entered allmulticast mode
[  338.997542][T17075] macvtap0: entered allmulticast mode
[  338.999998][T17075] macsec0: entered allmulticast mode
[  339.006866][T17075] geneve0: entered allmulticast mode
[  339.010449][T17075] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.015191][T17075] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.018606][T17075] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.022068][T17075] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.025544][T17075] geneve1: entered allmulticast mode
[  339.029804][T17075] netdevsim netdevsim7 netdevsim0: entered allmulticast mode
[  339.034127][T17075] netdevsim netdevsim7 netdevsim1: entered allmulticast mode
[  339.040543][T17075] netdevsim netdevsim7 netdevsim2: entered allmulticast mode
[  339.045091][T17075] netdevsim netdevsim7 netdevsim3: entered allmulticast mode
[  339.055284][T17075] mac80211_hwsim hwsim18 wlan0: entered allmulticast mode
[  339.070439][T17075] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode
[  339.074888][T17075] ip6tnl1: entered allmulticast mode
[  339.077881][T17075] ip6gre1: entered allmulticast mode
[  339.081343][T17075] vxlan0: entered allmulticast mode
[  339.083479][T17075] bridge1: entered allmulticast mode
[  339.086080][T17075] gre1: entered allmulticast mode
[  339.116390][T17089] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[  339.124431][   T40] audit: type=1400 audit(1742700855.293:738): avc:  denied  { relabelto } for  pid=17088 comm="syz.6.4320" name="cgroup.procs" dev="cgroup" ino=410 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0"
[  339.133685][   T40] audit: type=1400 audit(1742700855.293:739): avc:  denied  { associate } for  pid=17088 comm="syz.6.4320" name="cgroup.procs" dev="cgroup" ino=410 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:semanage_exec_t:s0"
[  339.143487][   T40] audit: type=1400 audit(1742700855.293:740): avc:  denied  { mount } for  pid=17088 comm="syz.6.4320" name="/" dev="pstore" ino=2579 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  339.215882][T17095] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  339.810192][T17112] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  339.946944][   T40] audit: type=1400 audit(1742700856.060:741): avc:  denied  { module_request } for  pid=17117 comm="syz.4.4331" kmod="netdev-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  340.090540][T17129] netlink: 1752 bytes leftover after parsing attributes in process `syz.7.4334'.
[  340.142029][   T40] audit: type=1400 audit(1742700856.237:742): avc:  denied  { ioctl } for  pid=17133 comm="syz.4.4336" path="socket:[69484]" dev="sockfs" ino=69484 ioctlcmd=0x8924 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  340.459267][T17159] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4346'.
[  340.541876][T17163] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.4348'.
[  340.580275][T17165] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.4349'.
[  340.619243][T17169] lo: entered allmulticast mode
[  340.621941][T17169] tunl0: entered allmulticast mode
[  340.624249][T17169] gre0: entered allmulticast mode
[  340.627814][T17169] gretap0: entered allmulticast mode
[  340.632248][T17169] erspan0: entered allmulticast mode
[  340.635437][T17169] ip_vti0: entered allmulticast mode
[  340.637561][T17169] ip6_vti0: entered allmulticast mode
[  340.640597][T17169] sit0: entered allmulticast mode
[  340.643248][T17169] ip6tnl0: entered allmulticast mode
[  340.645784][T17169] ip6gre0: entered allmulticast mode
[  340.654641][T17169] syz_tun: entered allmulticast mode
[  340.657247][T17169] ip6gretap0: entered allmulticast mode
[  340.659655][T17169] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.661604][T17169] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.663874][T17169] bridge0: entered allmulticast mode
[  340.666796][T17169] vcan0: entered allmulticast mode
[  340.670111][T17169] bond0: entered allmulticast mode
[  340.671598][T17169] bond_slave_0: entered allmulticast mode
[  340.673669][T17169] bond_slave_1: entered allmulticast mode
[  340.682704][T17174] syz.5.4351: attempt to access beyond end of device
[  340.682704][T17174] nbd5: rw=2048, sector=0, nr_sectors = 8 limit=0
[  340.682725][T17169] team0: entered allmulticast mode
[  340.682737][T17169] team_slave_0: entered allmulticast mode
[  340.686269][T17174] SQUASHFS error: Failed to read block 0x0: -5
[  340.688591][T17169] dummy0: entered allmulticast mode
[  340.688806][T17174] unable to read squashfs_super_block
[  340.694951][T17169] nlmon0: entered allmulticast mode
[  340.696951][T17169] caif0: entered allmulticast mode
[  340.698467][T17169] batadv0: entered allmulticast mode
[  340.701146][T17169] vxcan0: entered allmulticast mode
[  340.702888][T17169] vxcan1: entered allmulticast mode
[  340.708563][T17169] veth0: entered allmulticast mode
[  340.711426][T17174] Cannot find add_set index 0 as target
[  340.712051][T17169] veth1: entered allmulticast mode
[  340.716495][T17169] wg0: entered allmulticast mode
[  340.720173][T17169] wg1: entered allmulticast mode
[  340.722413][T17169] wg2: entered allmulticast mode
[  340.725576][T17169] veth0_to_bridge: entered allmulticast mode
[  340.730275][T17169] veth1_to_bridge: entered allmulticast mode
[  340.734649][T17169] veth0_to_bond: entered allmulticast mode
[  340.738915][T17169] veth1_to_bond: entered allmulticast mode
[  340.742671][T17169] veth0_to_team: entered allmulticast mode
[  340.746908][T17169] veth0_to_batadv: entered allmulticast mode
[  340.749432][T17169] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  340.752191][T17169] batadv_slave_0: entered allmulticast mode
[  340.755617][T17169] veth1_to_batadv: entered allmulticast mode
[  340.758314][T17169] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  340.761077][T17169] batadv_slave_1: entered allmulticast mode
[  340.764138][T17169] xfrm0: entered allmulticast mode
[  340.767699][T17169] veth0_to_hsr: entered allmulticast mode
[  340.770185][T17169] hsr_slave_0: entered allmulticast mode
[  340.773237][T17169] veth1_to_hsr: entered allmulticast mode
[  340.775737][T17169] hsr_slave_1: entered allmulticast mode
[  340.779059][T17169] hsr0: entered allmulticast mode
[  340.782111][T17169] veth1_virt_wifi: entered allmulticast mode
[  340.785472][T17169] veth0_virt_wifi: entered allmulticast mode
[  340.787884][T17169] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  340.791388][T17169] veth1_vlan: entered allmulticast mode
[  340.795191][T17169] veth0_vlan: entered allmulticast mode
[  340.800299][T17169] vlan0: entered allmulticast mode
[  340.801704][T17169] vlan1: entered allmulticast mode
[  340.803259][T17169] macvlan0: entered allmulticast mode
[  340.805893][T17169] macvlan1: entered allmulticast mode
[  340.808132][T17169] ipvlan0: entered allmulticast mode
[  340.809579][T17169] ipvlan1: entered allmulticast mode
[  340.812002][T17169] veth1_macvtap: entered allmulticast mode
[  340.815318][T17169] veth0_macvtap: entered allmulticast mode
[  340.817871][T17169] macvtap0: entered allmulticast mode
[  340.820252][T17169] macsec0: entered allmulticast mode
[  340.823103][T17169] geneve0: entered allmulticast mode
[  340.825783][T17169] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  340.827990][T17169] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  340.830191][T17169] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  340.832696][T17169] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  340.835085][T17169] geneve1: entered allmulticast mode
[  340.839096][T17169] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  340.841983][T17169] netdevsim netdevsim5 netdevsim1: entered allmulticast mode
[  340.845444][T17169] netdevsim netdevsim5 netdevsim2: entered allmulticast mode
[  340.848241][T17169] netdevsim netdevsim5 netdevsim3: entered allmulticast mode
[  340.854581][T17169] mac80211_hwsim hwsim23 wlan0: entered allmulticast mode
[  340.858103][T17169] tipc: Resetting bearer <eth:wlan1>
[  340.862364][T17169] mac80211_hwsim hwsim24 wlan1: entered allmulticast mode
[  340.914405][T17176] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.4354'.
[  340.972954][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  340.972964][   T40] audit: type=1400 audit(1742700857.023:747): avc:  denied  { accept } for  pid=17183 comm="syz.4.4358" path="socket:[70353]" dev="sockfs" ino=70353 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  341.181433][T17191] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.4360'.
[  341.366742][T17201] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.4365'.
[  341.461361][T17208] FAULT_INJECTION: forcing a failure.
[  341.461361][T17208] name failslab, interval 1, probability 0, space 0, times 0
[  341.467115][T17208] CPU: 3 UID: 0 PID: 17208 Comm: syz.5.4368 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  341.467139][T17208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  341.467150][T17208] Call Trace:
[  341.467156][T17208]  <TASK>
[  341.467163][T17208]  dump_stack_lvl+0x16c/0x1f0
[  341.467192][T17208]  should_fail_ex+0x50a/0x650
[  341.467217][T17208]  ? fs_reclaim_acquire+0xae/0x150
[  341.467244][T17208]  should_failslab+0xc2/0x120
[  341.467265][T17208]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[  341.467284][T17208]  ? __d_alloc+0x31/0xaa0
[  341.467307][T17208]  __d_alloc+0x31/0xaa0
[  341.467329][T17208]  d_alloc_pseudo+0x1c/0xc0
[  341.467352][T17208]  alloc_file_pseudo+0xd0/0x230
[  341.467376][T17208]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  341.467403][T17208]  sock_alloc_file+0x50/0x210
[  341.467423][T17208]  do_accept+0x23e/0x530
[  341.467444][T17208]  ? do_raw_spin_lock+0x12d/0x2c0
[  341.467461][T17208]  ? __pfx_do_accept+0x10/0x10
[  341.467498][T17208]  __sys_accept4+0xfe/0x1b0
[  341.467521][T17208]  ? __pfx___sys_accept4+0x10/0x10
[  341.467544][T17208]  ? rcu_is_watching+0x12/0xc0
[  341.467567][T17208]  __x64_sys_accept4+0x96/0x100
[  341.467589][T17208]  ? lockdep_hardirqs_on+0x7c/0x110
[  341.467613][T17208]  do_syscall_64+0xcd/0x250
[  341.467639][T17208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.467662][T17208] RIP: 0033:0x7fede3f8d169
[  341.467677][T17208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.467694][T17208] RSP: 002b:00007fede4e69038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  341.467711][T17208] RAX: ffffffffffffffda RBX: 00007fede41a5fa0 RCX: 00007fede3f8d169
[  341.467723][T17208] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  341.467732][T17208] RBP: 00007fede4e69090 R08: 0000000000000000 R09: 0000000000000000
[  341.467742][T17208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  341.467752][T17208] R13: 0000000000000000 R14: 00007fede41a5fa0 R15: 00007ffc58dd5ba8
[  341.467774][T17208]  </TASK>
[  341.970015][T17218] hfs: unable to load iocharset "io#harset"
[  342.076439][T17223] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.4374'.
[  342.146589][T17227] 9pnet_fd: Insufficient options for proto=fd
[  342.178515][   T10] usb 11-1: new high-speed USB device number 17 using dummy_hcd
[  342.181982][T17229] FAULT_INJECTION: forcing a failure.
[  342.181982][T17229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.185577][T17229] CPU: 2 UID: 0 PID: 17229 Comm: syz.4.4377 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  342.185592][T17229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  342.185600][T17229] Call Trace:
[  342.185603][T17229]  <TASK>
[  342.185608][T17229]  dump_stack_lvl+0x16c/0x1f0
[  342.185627][T17229]  should_fail_ex+0x50a/0x650
[  342.185647][T17229]  _copy_from_iter+0x2a1/0x1560
[  342.185659][T17229]  ? trace_lock_acquire+0x14e/0x1f0
[  342.185673][T17229]  ? __pfx__copy_from_iter+0x10/0x10
[  342.185683][T17229]  ? __virt_addr_valid+0x1a4/0x590
[  342.185696][T17229]  ? __virt_addr_valid+0x5e/0x590
[  342.185706][T17229]  ? __phys_addr+0xc6/0x150
[  342.185716][T17229]  ? __phys_addr_symbol+0x30/0x80
[  342.185726][T17229]  ? __check_object_size+0x488/0x710
[  342.185741][T17229]  qrtr_sendmsg+0x3b5/0x790
[  342.185756][T17229]  ? __pfx_qrtr_node_enqueue+0x10/0x10
[  342.185771][T17229]  ? __pfx_qrtr_sendmsg+0x10/0x10
[  342.185791][T17229]  sock_write_iter+0x4fe/0x5b0
[  342.185804][T17229]  ? __pfx_sock_write_iter+0x10/0x10
[  342.185822][T17229]  ? __pfx_file_has_perm+0x10/0x10
[  342.185837][T17229]  do_iter_readv_writev+0x655/0x950
[  342.185855][T17229]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  342.185870][T17229]  ? selinux_file_permission+0x11f/0x580
[  342.185888][T17229]  ? bpf_lsm_file_permission+0x9/0x10
[  342.185900][T17229]  ? security_file_permission+0x71/0x210
[  342.185917][T17229]  ? rw_verify_area+0xcf/0x680
[  342.185933][T17229]  vfs_writev+0x363/0xdd0
[  342.185947][T17229]  ? find_held_lock+0x2d/0x110
[  342.185965][T17229]  ? __pfx_vfs_writev+0x10/0x10
[  342.185981][T17229]  ? find_held_lock+0x2d/0x110
[  342.185994][T17229]  ? __pfx_lock_release+0x10/0x10
[  342.186009][T17229]  ? trace_lock_acquire+0x14e/0x1f0
[  342.186026][T17229]  ? __fget_files+0x206/0x3a0
[  342.186040][T17229]  ? do_writev+0x297/0x340
[  342.186054][T17229]  do_writev+0x297/0x340
[  342.186069][T17229]  ? __pfx_do_writev+0x10/0x10
[  342.186088][T17229]  do_syscall_64+0xcd/0x250
[  342.186105][T17229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.186119][T17229] RIP: 0033:0x7fa64b78d169
[  342.186128][T17229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.186139][T17229] RSP: 002b:00007fa6495f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  342.186149][T17229] RAX: ffffffffffffffda RBX: 00007fa64b9a5fa0 RCX: 00007fa64b78d169
[  342.186155][T17229] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003
[  342.186161][T17229] RBP: 00007fa6495f6090 R08: 0000000000000000 R09: 0000000000000000
[  342.186167][T17229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.186174][T17229] R13: 0000000000000000 R14: 00007fa64b9a5fa0 R15: 00007ffe5c1bb678
[  342.186187][T17229]  </TASK>
[  342.264372][    C2] vkms_vblank_simulate: vblank timer overrun
[  342.350245][   T10] usb 11-1: Using ep0 maxpacket: 16
[  342.353666][   T10] usb 11-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD5, changing to 0x85
[  342.356918][   T10] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  342.370440][   T10] usb 11-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  342.373932][   T10] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.376433][   T10] usb 11-1: Product: syz
[  342.377811][   T10] usb 11-1: Manufacturer: syz
[  342.379078][   T10] usb 11-1: SerialNumber: syz
[  342.393104][   T10] usb 11-1: config 0 descriptor??
[  342.395789][   T10] hub 11-1:0.0: bad descriptor, ignoring hub
[  342.397414][   T10] hub 11-1:0.0: probe with driver hub failed with error -5
[  342.400984][   T10] input: syz syz as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/input/input86
[  342.425308][   T40] audit: type=1400 audit(1742700858.379:748): avc:  denied  { shutdown } for  pid=17247 comm="syz.5.4387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  342.431405][   T40] audit: type=1326 audit(1742700858.379:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17253 comm="syz.7.4388" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9592b8d169 code=0x0
[  342.745134][   T31] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  342.842650][   T10] usb 11-1: USB disconnect, device number 17
[  342.917907][   T31] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  342.920402][   T31] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  342.923324][   T31] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  342.925931][   T31] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  342.929119][   T31] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  342.933391][   T31] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  342.935928][   T31] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  342.938303][   T31] usb 9-1: Product: syz
[  342.939803][   T31] usb 9-1: Manufacturer: syz
[  342.944544][   T31] cdc_wdm 9-1:1.0: skipping garbage
[  342.946621][   T31] cdc_wdm 9-1:1.0: skipping garbage
[  342.950759][   T31] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  342.953101][   T31] cdc_wdm 9-1:1.0: Unknown control protocol
[  343.017700][   T40] audit: type=1326 audit(1742700858.931:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17263 comm="syz.5.4391" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fede3f8d169 code=0x0
[  343.162314][ T5979] usb 9-1: USB disconnect, device number 13
[  343.348979][   T40] audit: type=1326 audit(1742700859.240:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17266 comm="syz.7.4392" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9592b8d169 code=0x0
[  343.637546][   T40] audit: type=1400 audit(1742700859.511:752): avc:  denied  { bind } for  pid=17276 comm="syz.6.4396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  344.159757][T17292] afs: Unknown parameter 'fowner'
[  344.177652][   T31] usb 11-1: new high-speed USB device number 18 using dummy_hcd
[  344.316520][T17298] netlink: 'syz.7.4404': attribute type 72 has an invalid length.
[  344.348934][   T31] usb 11-1: Using ep0 maxpacket: 16
[  344.351745][   T31] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  344.355416][   T31] usb 11-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  344.357990][   T31] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.362971][   T31] usb 11-1: config 0 descriptor??
[  344.366240][   T31] input: bcm5974 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/input/input87
[  344.396513][T17300] overlayfs: failed to clone upperpath
[  344.551545][T17308] netlink: set zone limit has 8 unknown bytes
[  344.579810][T17285] input: syz0 as /devices/virtual/input/input88
[  344.582299][T17285] FAULT_INJECTION: forcing a failure.
[  344.582299][T17285] name failslab, interval 1, probability 0, space 0, times 0
[  344.585716][T17285] CPU: 2 UID: 0 PID: 17285 Comm: syz.6.4399 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  344.585742][T17285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  344.585753][T17285] Call Trace:
[  344.585760][T17285]  <TASK>
[  344.585767][T17285]  dump_stack_lvl+0x16c/0x1f0
[  344.585798][T17285]  should_fail_ex+0x50a/0x650
[  344.585824][T17285]  ? fs_reclaim_acquire+0xae/0x150
[  344.585851][T17285]  ? tomoyo_realpath_from_path+0xb9/0x720
[  344.585877][T17285]  should_failslab+0xc2/0x120
[  344.585898][T17285]  __kmalloc_noprof+0xcb/0x510
[  344.585916][T17285]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  344.585946][T17285]  tomoyo_realpath_from_path+0xb9/0x720
[  344.585968][T17285]  ? tomoyo_path_number_perm+0x235/0x590
[  344.585991][T17285]  ? tomoyo_path_number_perm+0x235/0x590
[  344.586016][T17285]  tomoyo_path_number_perm+0x248/0x590
[  344.586037][T17285]  ? tomoyo_path_number_perm+0x235/0x590
[  344.586062][T17285]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  344.586109][T17285]  ? __pfx_lock_release+0x10/0x10
[  344.586131][T17285]  ? trace_lock_acquire+0x14e/0x1f0
[  344.586155][T17285]  ? lock_acquire+0x2f/0xb0
[  344.586177][T17285]  ? __fget_files+0x40/0x3a0
[  344.586198][T17285]  ? __fget_files+0x206/0x3a0
[  344.586219][T17285]  security_file_ioctl+0x9b/0x240
[  344.586245][T17285]  __x64_sys_ioctl+0xb7/0x200
[  344.586271][T17285]  do_syscall_64+0xcd/0x250
[  344.586298][T17285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.586322][T17285] RIP: 0033:0x7fc20518d169
[  344.586336][T17285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.586354][T17285] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  344.586372][T17285] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  344.586385][T17285] RDX: 0000000000000000 RSI: 00000000405c5503 RDI: 0000000000000004
[  344.586396][T17285] RBP: 00007fc206038090 R08: 0000000000000000 R09: 0000000000000000
[  344.586407][T17285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  344.586417][T17285] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  344.586440][T17285]  </TASK>
[  344.586448][T17285] ERROR: Out of memory at tomoyo_realpath_from_path.
[  344.597129][T17310] trusted_key: encrypted_key: master key parameter is missing
[  344.792288][T17315] 9pnet_fd: Insufficient options for proto=fd
[  344.823247][T17318] kAFS: No cell specified
[  344.900995][T17324] netlink: 'syz.7.4417': attribute type 8 has an invalid length.
[  344.960373][T17292] overlayfs: statfs failed on './file0'
[  345.025823][T17336] kAFS: No cell specified
[  345.040928][T17339] tipc: Started in network mode
[  345.042349][T17339] tipc: Node identity 7f000001, cluster identity 4711
[  345.046037][T17339] tipc: Enabled bearer <udp:syz2>, priority 10
[  345.167882][T17361] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4427'.
[  345.191582][T17363] kAFS: No cell specified
[  345.228731][   T40] audit: type=1400 audit(1742700860.999:753): avc:  denied  { read write } for  pid=17364 comm="syz.5.4434" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  345.230261][T17365] loop2: detected capacity change from 0 to 524287999
[  345.235039][   T40] audit: type=1400 audit(1742700860.999:754): avc:  denied  { open } for  pid=17364 comm="syz.5.4434" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  345.253228][   T40] audit: type=1400 audit(1742700861.017:755): avc:  denied  { getopt } for  pid=17364 comm="syz.5.4434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  345.257250][T17365] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4434'.
[  345.263406][T17365] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4434'.
[  345.294151][T17369] overlayfs: failed to resolve './file1': -2
[  345.414179][T17375] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  345.934676][T17398] FAULT_INJECTION: forcing a failure.
[  345.934676][T17398] name failslab, interval 1, probability 0, space 0, times 0
[  345.938076][T17398] CPU: 0 UID: 0 PID: 17398 Comm: syz.5.4445 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  345.938090][T17398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.938097][T17398] Call Trace:
[  345.938101][T17398]  <TASK>
[  345.938105][T17398]  dump_stack_lvl+0x16c/0x1f0
[  345.938124][T17398]  should_fail_ex+0x50a/0x650
[  345.938142][T17398]  ? fs_reclaim_acquire+0xae/0x150
[  345.938158][T17398]  ? tomoyo_encode2+0x100/0x3e0
[  345.938174][T17398]  should_failslab+0xc2/0x120
[  345.938187][T17398]  __kmalloc_noprof+0xcb/0x510
[  345.938198][T17398]  ? rcu_is_watching+0x12/0xc0
[  345.938211][T17398]  tomoyo_encode2+0x100/0x3e0
[  345.938229][T17398]  tomoyo_encode+0x29/0x50
[  345.938243][T17398]  tomoyo_realpath_from_path+0x19d/0x720
[  345.938260][T17398]  ? tomoyo_path_number_perm+0x235/0x590
[  345.938278][T17398]  tomoyo_path_number_perm+0x248/0x590
[  345.938291][T17398]  ? tomoyo_path_number_perm+0x235/0x590
[  345.938306][T17398]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  345.938332][T17398]  ? __pfx_lock_release+0x10/0x10
[  345.938347][T17398]  ? trace_lock_acquire+0x14e/0x1f0
[  345.938361][T17398]  ? lock_acquire+0x2f/0xb0
[  345.938374][T17398]  ? __fget_files+0x40/0x3a0
[  345.938386][T17398]  ? __fget_files+0x206/0x3a0
[  345.938398][T17398]  security_file_ioctl+0x9b/0x240
[  345.938415][T17398]  __x64_sys_ioctl+0xb7/0x200
[  345.938431][T17398]  do_syscall_64+0xcd/0x250
[  345.938447][T17398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.938463][T17398] RIP: 0033:0x7fede3f8d169
[  345.938471][T17398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.938482][T17398] RSP: 002b:00007fede4e69038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  345.938492][T17398] RAX: ffffffffffffffda RBX: 00007fede41a5fa0 RCX: 00007fede3f8d169
[  345.938498][T17398] RDX: 0000200000000280 RSI: 000000000000890b RDI: 0000000000000004
[  345.938504][T17398] RBP: 00007fede4e69090 R08: 0000000000000000 R09: 0000000000000000
[  345.938510][T17398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.938516][T17398] R13: 0000000000000000 R14: 00007fede41a5fa0 R15: 00007ffc58dd5ba8
[  345.938535][T17398]  </TASK>
[  345.938547][T17398] ERROR: Out of memory at tomoyo_realpath_from_path.
[  345.986558][T17348] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  346.134545][  T834] tipc: Node number set to 2130706433
[  346.187010][   T40] audit: type=1400 audit(1742700861.887:756): avc:  denied  { bind } for  pid=17415 comm="syz.7.4453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  346.356267][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  346.356278][   T40] audit: type=1800 audit(1742700862.046:758): pid=17423 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.7.4455" name="nullb0" dev="tmpfs" ino=828 res=0 errno=0
[  347.124786][ T5334] bcm5974 11-1:0.0: could not read from device
[  347.125075][ T5979] usb 11-1: USB disconnect, device number 18
[  347.155037][T17449] netlink: 56 bytes leftover after parsing attributes in process `syz.6.4467'.
[  347.160326][  T834] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  347.192680][   T40] audit: type=1400 audit(1742700862.841:759): avc:  denied  { ioctl } for  pid=17448 comm="syz.6.4467" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  347.224465][   T57] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  347.278004][ T5943] Bluetooth: hci0: command 0x0c1a tx timeout
[  347.345091][  T834] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  347.348088][  T834] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  347.351281][  T834] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  347.354263][  T834] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  347.357610][  T834] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  347.362473][  T834] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  347.365737][  T834] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  347.368180][  T834] usb 10-1: Product: syz
[  347.369649][  T834] usb 10-1: Manufacturer: syz
[  347.373409][  T834] cdc_wdm 10-1:1.0: skipping garbage
[  347.375547][  T834] cdc_wdm 10-1:1.0: skipping garbage
[  347.377707][  T834] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  347.379540][  T834] cdc_wdm 10-1:1.0: Unknown control protocol
[  347.386089][   T57] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.389035][   T57] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  347.392158][   T57] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  347.395921][   T57] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  347.398890][   T57] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.402723][   T57] usb 9-1: config 0 descriptor??
[  347.633428][   T40] audit: type=1800 audit(1742700863.253:760): pid=17466 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.6.4474" name="/relabel" dev="selinuxfs" ino=8 res=0 errno=0
[  347.646231][T17473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.649528][T17473] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.672780][T17475] netlink: 1688 bytes leftover after parsing attributes in process `syz.6.4475'.
[  347.715412][T17477] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4476'.
[  347.835384][   T57] plantronics 0003:047F:FFFF.0012: unknown main item tag 0xd
[  347.838221][   T40] audit: type=1400 audit(1742700863.440:761): avc:  denied  { map } for  pid=17480 comm="syz.6.4478" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  347.844786][   T57] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  347.844947][   T40] audit: type=1400 audit(1742700863.440:762): avc:  denied  { execute } for  pid=17480 comm="syz.6.4478" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  347.848257][   T57] plantronics 0003:047F:FFFF.0012: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  347.868556][T17429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.871070][T17429] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.051380][   T31] usb 9-1: USB disconnect, device number 14
[  348.087879][T17429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.090688][T17429] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.097170][ T5979] usb 10-1: USB disconnect, device number 15
[  348.251273][   T40] audit: type=1800 audit(1742700863.833:763): pid=17490 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.7.4482" name="nullb0" dev="tmpfs" ino=828 res=0 errno=0
[  349.252136][T17521] netlink: 100 bytes leftover after parsing attributes in process `syz.5.4493'.
[  349.492567][T17529] netlink: 'syz.5.4497': attribute type 72 has an invalid length.
[  349.610602][   T40] audit: type=1400 audit(1742700865.096:764): avc:  denied  { getopt } for  pid=17530 comm="syz.5.4506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  349.819468][T17543] trusted_key: syz.5.4503 sent an empty control message without MSG_MORE.
[  350.156109][T17565] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4512'.
[  350.273855][T17568] netlink: 1624 bytes leftover after parsing attributes in process `syz.6.4513'.
[  350.409772][T17572] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  350.418405][T17572] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  350.706249][T17587] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4520'.
[  350.813014][T17602] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4526'.
[  351.169323][ T6706] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  351.308295][ T6706] usb 10-1: device descriptor read/64, error -71
[  351.575606][ T6706] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  351.672932][   T40] audit: type=1400 audit(1742700867.032:765): avc:  denied  { append } for  pid=17625 comm="syz.6.4536" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  351.693213][   T40] audit: type=1400 audit(1742700867.032:766): avc:  denied  { map } for  pid=17625 comm="syz.6.4536" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  351.701678][   T40] audit: type=1400 audit(1742700867.032:767): avc:  denied  { write execute } for  pid=17625 comm="syz.6.4536" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  351.714712][ T6706] usb 10-1: device descriptor read/64, error -71
[  351.793335][T17638] netlink: 11 bytes leftover after parsing attributes in process `syz.4.4540'.
[  351.819293][T17640] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  351.823268][T17640] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  351.832377][ T6706] usb usb10-port1: attempt power cycle
[  352.195606][ T6706] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  352.217936][ T6706] usb 10-1: device descriptor read/8, error -71
[  352.313271][ T6137] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  352.473557][ T6706] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  352.484453][ T6137] usb 9-1: Using ep0 maxpacket: 8
[  352.487863][ T6137] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  352.491049][ T6137] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  352.493753][ T6137] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  352.495286][ T6706] usb 10-1: device descriptor read/8, error -71
[  352.496896][ T6137] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  352.502231][ T6137] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  352.504809][ T6137] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.620462][ T6706] usb usb10-port1: unable to enumerate USB device
[  352.726507][ T6137] usb 9-1: usb_control_msg returned -32
[  352.728151][ T6137] usbtmc 9-1:16.0: can't read capabilities
[  352.812146][T17668] netlink: 11 bytes leftover after parsing attributes in process `syz.7.4551'.
[  352.881468][   T40] audit: type=1400 audit(1742700868.164:768): avc:  denied  { name_bind } for  pid=17675 comm="syz.7.4555" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  352.918505][T17679] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4556'.
[  352.922299][   T40] audit: type=1400 audit(1742700868.192:769): avc:  denied  { setattr } for  pid=17678 comm="syz.7.4556" path="socket:[73974]" dev="sockfs" ino=73974 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  354.014519][T17697] netlink: 11 bytes leftover after parsing attributes in process `syz.6.4562'.
[  354.036277][T17700] overlayfs: failed to clone lowerpath
[  354.044481][   T40] audit: type=1400 audit(1742700869.239:770): avc:  denied  { connect } for  pid=17701 comm="syz.6.4565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  354.050873][T17702] tls_set_device_offload: netdev not found
[  354.057058][T17700] overlayfs: failed to clone upperpath
[  354.640404][T17784] FAULT_INJECTION: forcing a failure.
[  354.640404][T17784] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.645046][T17784] CPU: 3 UID: 0 PID: 17784 Comm: syz.5.4584 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  354.645078][T17784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  354.645089][T17784] Call Trace:
[  354.645103][T17784]  <TASK>
[  354.645109][T17784]  dump_stack_lvl+0x16c/0x1f0
[  354.645154][T17784]  should_fail_ex+0x50a/0x650
[  354.645189][T17784]  _copy_from_user+0x2e/0xd0
[  354.645208][T17784]  dma_heap_ioctl+0x553/0x6a0
[  354.645232][T17784]  ? __pfx_lock_release+0x10/0x10
[  354.645254][T17784]  ? __pfx_dma_heap_ioctl+0x10/0x10
[  354.645284][T17784]  ? selinux_file_ioctl+0x180/0x270
[  354.645308][T17784]  ? selinux_file_ioctl+0xb4/0x270
[  354.645334][T17784]  ? __pfx_dma_heap_ioctl+0x10/0x10
[  354.645356][T17784]  __x64_sys_ioctl+0x190/0x200
[  354.645380][T17784]  do_syscall_64+0xcd/0x250
[  354.645404][T17784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.645425][T17784] RIP: 0033:0x7fede3f8d169
[  354.645439][T17784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.645454][T17784] RSP: 002b:00007fede4e69038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  354.645471][T17784] RAX: ffffffffffffffda RBX: 00007fede41a5fa0 RCX: 00007fede3f8d169
[  354.645482][T17784] RDX: 0000200000000100 RSI: 00000000c0184800 RDI: 0000000000000005
[  354.645492][T17784] RBP: 00007fede4e69090 R08: 0000000000000000 R09: 0000000000000000
[  354.645502][T17784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.645513][T17784] R13: 0000000000000000 R14: 00007fede41a5fa0 R15: 00007ffc58dd5ba8
[  354.645537][T17784]  </TASK>
[  354.750086][T17790] overlayfs: failed to clone lowerpath
[  354.823458][T17794] netlink: 1624 bytes leftover after parsing attributes in process `syz.7.4588'.
[  354.854575][T17792] netlink: 'syz.5.4586': attribute type 2 has an invalid length.
[  354.872153][T17792] fuse: blksize only supported for fuseblk
[  355.190261][T17815] netlink: 1624 bytes leftover after parsing attributes in process `syz.6.4597'.
[  355.263870][  T834] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  355.270677][ T6706] usb 9-1: USB disconnect, device number 15
[  355.434957][  T834] usb 10-1: Using ep0 maxpacket: 16
[  355.437920][  T834] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  355.441737][  T834] usb 10-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  355.444490][  T834] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.448147][  T834] usb 10-1: config 0 descriptor??
[  355.451562][  T834] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input90
[  355.676655][T17806] input: syz0 as /devices/virtual/input/input91
[  356.810306][T17861] FAULT_INJECTION: forcing a failure.
[  356.810306][T17861] name failslab, interval 1, probability 0, space 0, times 0
[  356.814340][T17861] CPU: 3 UID: 0 PID: 17861 Comm: syz.4.4615 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  356.814357][T17861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  356.814364][T17861] Call Trace:
[  356.814367][T17861]  <TASK>
[  356.814371][T17861]  dump_stack_lvl+0x16c/0x1f0
[  356.814401][T17861]  should_fail_ex+0x50a/0x650
[  356.814418][T17861]  ? fs_reclaim_acquire+0xae/0x150
[  356.814435][T17861]  ? find_css_set+0x74e/0x1bb0
[  356.814448][T17861]  should_failslab+0xc2/0x120
[  356.814460][T17861]  __kmalloc_cache_noprof+0x68/0x410
[  356.814481][T17861]  find_css_set+0x74e/0x1bb0
[  356.814502][T17861]  ? __pfx_find_css_set+0x10/0x10
[  356.814516][T17861]  ? __pfx_mark_lock+0x10/0x10
[  356.814537][T17861]  ? cgroup_attach_task+0x483/0x920
[  356.814555][T17861]  cgroup_migrate_prepare_dst+0x10b/0x7f0
[  356.814573][T17861]  cgroup_attach_task+0x48f/0x920
[  356.814587][T17861]  ? generic_permission+0xad/0x7d0
[  356.814602][T17861]  ? __pfx_cgroup_attach_task+0x10/0x10
[  356.814623][T17861]  ? cgroup_attach_permissions+0x2aa/0x7b0
[  356.814644][T17861]  ? __cgroup_procs_write+0x3c1/0x650
[  356.814660][T17861]  __cgroup_procs_write+0x3c1/0x650
[  356.814678][T17861]  ? __pfx___cgroup_procs_write+0x10/0x10
[  356.814700][T17861]  cgroup_procs_write+0x26/0x60
[  356.814716][T17861]  cgroup_file_write+0x211/0x7d0
[  356.814728][T17861]  ? __pfx_cgroup_procs_write+0x10/0x10
[  356.814745][T17861]  ? __pfx_cgroup_file_write+0x10/0x10
[  356.814757][T17861]  ? lock_acquire+0x2f/0xb0
[  356.814776][T17861]  kernfs_fop_write_iter+0x33d/0x500
[  356.814789][T17861]  ? __pfx_cgroup_file_write+0x10/0x10
[  356.814803][T17861]  vfs_write+0x5ae/0x1150
[  356.814820][T17861]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  356.814834][T17861]  ? __pfx___mutex_lock+0x10/0x10
[  356.814849][T17861]  ? __pfx_vfs_write+0x10/0x10
[  356.814875][T17861]  ksys_write+0x12b/0x250
[  356.814885][T17861]  ? __pfx_ksys_write+0x10/0x10
[  356.814899][T17861]  do_syscall_64+0xcd/0x250
[  356.814915][T17861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.814930][T17861] RIP: 0033:0x7fa64b78d169
[  356.814940][T17861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.814950][T17861] RSP: 002b:00007fa6495f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  356.814960][T17861] RAX: ffffffffffffffda RBX: 00007fa64b9a5fa0 RCX: 00007fa64b78d169
[  356.814967][T17861] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 0000000000000008
[  356.814973][T17861] RBP: 00007fa6495f6090 R08: 0000000000000000 R09: 0000000000000000
[  356.814979][T17861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.814985][T17861] R13: 0000000000000000 R14: 00007fa64b9a5fa0 R15: 00007ffe5c1bb678
[  356.814999][T17861]  </TASK>
[  356.932226][T17863] netlink: 1616 bytes leftover after parsing attributes in process `syz.4.4616'.
[  357.136834][   T40] audit: type=1400 audit(1742700872.139:771): avc:  denied  { accept } for  pid=17869 comm="syz.4.4619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  357.142353][   T40] audit: type=1400 audit(1742700872.139:772): avc:  denied  { read } for  pid=17869 comm="syz.4.4619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  357.174571][   T40] audit: type=1804 audit(1742700872.167:773): pid=17870 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.4619" name="/newroot/231/file0" dev="tmpfs" ino=1214 res=1 errno=0
[  357.180425][   T40] audit: type=1800 audit(1742700872.167:774): pid=17870 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.4619" name="file0" dev="tmpfs" ino=1214 res=0 errno=0
[  357.339476][   T40] audit: type=1400 audit(1742700872.317:775): avc:  denied  { audit_write } for  pid=17877 comm="syz.4.4622" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  357.349812][   T40] audit: type=1107 audit(1742700872.326:776): pid=17877 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¾æàº�Þ
äÒ÷�™ïõ
Öê’’êm­µ4UIþ÷_aéR)[üì@Š¡æ9¾Í%š{T›•)T¾²HØ#¾£ÉšÆ‘ué0kžyð�­‡¬M–0’ûR(>lìªÌM¾Ää5o'
[  357.404394][T17887] netlink: 1616 bytes leftover after parsing attributes in process `syz.6.4625'.
[  357.416026][T17891] netlink: 'syz.7.4626': attribute type 13 has an invalid length.
[  357.438863][T17895] netlink: 'syz.4.4629': attribute type 1 has an invalid length.
[  357.498441][   T40] audit: type=1400 audit(1742700872.467:777): avc:  denied  { create } for  pid=17896 comm="syz.6.4630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  357.501076][T17897] erspan0: entered promiscuous mode
[  357.506966][T17897] erspan0: entered allmulticast mode
[  357.592043][T17903] fuse: Unknown parameter '
'
[  357.689168][T17914] netlink: 1616 bytes leftover after parsing attributes in process `syz.7.4636'.
[  357.701308][ T5979] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  357.874719][ T5979] usb 9-1: Using ep0 maxpacket: 16
[  357.885577][ T5979] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  357.889254][ T5979] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  357.892160][ T5979] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  357.896501][ T5979] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  357.899861][ T5979] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.904574][ T5979] usb 9-1: config 0 descriptor??
[  357.924497][T17925] cgroup2: Unknown parameter 'pcr'
[  358.079172][T17934] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  358.082170][T17934] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  358.234649][ T5334] bcm5974 10-1:0.0: could not read from device
[  358.245076][  T834] usb 10-1: USB disconnect, device number 20
[  358.245471][ T5334] bcm5974 10-1:0.0: could not read from device
[  358.338946][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.342386][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.345254][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.348037][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.350789][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.353590][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.357265][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.360289][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.363088][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.365691][ T5979] microsoft 0003:045E:07DA.0013: unknown main item tag 0x0
[  358.368635][ T5979] HID 045e:07da: Invalid code 65791 type 1
[  358.372288][ T5979] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/0003:045E:07DA.0013/input/input92
[  358.378399][ T5979] microsoft 0003:045E:07DA.0013: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  358.379497][T17939] netlink: 'syz.5.4646': attribute type 72 has an invalid length.
[  358.465054][T17946] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4649'.
[  358.615110][   T57] usb 9-1: USB disconnect, device number 16
[  358.735364][T17952] netlink: 72 bytes leftover after parsing attributes in process `syz.6.4651'.
[  359.387273][T17962] netlink: 'syz.5.4655': attribute type 72 has an invalid length.
[  359.585888][T17974] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=17974 comm=syz.5.4661
[  359.835095][T17990] netlink: 'syz.6.4665': attribute type 72 has an invalid length.
[  359.872138][T17992] xt_nat: multiple ranges no longer supported
[  359.876844][ T5943] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  359.882288][ T5943] CPU: 2 UID: 0 PID: 5943 Comm: kworker/u33:4 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  359.882306][ T5943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  359.882314][ T5943] Workqueue: hci2 hci_rx_work
[  359.882330][ T5943] Call Trace:
[  359.882334][ T5943]  <TASK>
[  359.882339][ T5943]  dump_stack_lvl+0x16c/0x1f0
[  359.882358][ T5943]  sysfs_warn_dup+0x7f/0xa0
[  359.882375][ T5943]  sysfs_create_dir_ns+0x24d/0x2b0
[  359.882392][ T5943]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  359.882409][ T5943]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  359.882421][ T5943]  ? kobject_add_internal+0x12d/0x990
[  359.882438][ T5943]  ? do_raw_spin_unlock+0x172/0x230
[  359.882449][ T5943]  kobject_add_internal+0x2c8/0x990
[  359.882468][ T5943]  kobject_add+0x16f/0x240
[  359.882484][ T5943]  ? __pfx_kobject_add+0x10/0x10
[  359.882500][ T5943]  ? class_to_subsys+0x3e/0x160
[  359.882516][ T5943]  ? do_raw_spin_unlock+0x172/0x230
[  359.882527][ T5943]  ? kobject_put+0xab/0x5a0
[  359.882546][ T5943]  device_add+0x289/0x1a70
[  359.882561][ T5943]  ? __pfx_dev_set_name+0x10/0x10
[  359.882577][ T5943]  ? __pfx_device_add+0x10/0x10
[  359.882593][ T5943]  ? mgmt_send_event_skb+0x2f2/0x460
[  359.882613][ T5943]  hci_conn_add_sysfs+0x17e/0x230
[  359.882626][ T5943]  le_conn_complete_evt+0x1077/0x1d60
[  359.882657][ T5943]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  359.882675][ T5943]  ? __mutex_lock+0x1cc/0xb10
[  359.882696][ T5943]  hci_le_conn_complete_evt+0x23c/0x370
[  359.882717][ T5943]  hci_le_meta_evt+0x2e2/0x5d0
[  359.882729][ T5943]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  359.882750][ T5943]  hci_event_packet+0x666/0x1180
[  359.882768][ T5943]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  359.882786][ T5943]  ? __pfx_hci_event_packet+0x10/0x10
[  359.882804][ T5943]  ? mark_held_locks+0x9f/0xe0
[  359.882821][ T5943]  ? kcov_remote_start+0x3cf/0x6e0
[  359.882838][ T5943]  ? lockdep_hardirqs_on+0x7c/0x110
[  359.882856][ T5943]  hci_rx_work+0x2c5/0x16b0
[  359.882869][ T5943]  ? process_one_work+0x921/0x1ba0
[  359.882887][ T5943]  process_one_work+0x9c5/0x1ba0
[  359.882905][ T5943]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  359.882921][ T5943]  ? __pfx_process_one_work+0x10/0x10
[  359.882939][ T5943]  ? assign_work+0x1a0/0x250
[  359.882953][ T5943]  worker_thread+0x6c8/0xf00
[  359.882973][ T5943]  ? __pfx_worker_thread+0x10/0x10
[  359.882988][ T5943]  kthread+0x3af/0x750
[  359.883001][ T5943]  ? __pfx_kthread+0x10/0x10
[  359.883014][ T5943]  ? lock_acquire+0x2f/0xb0
[  359.883031][ T5943]  ? __pfx_kthread+0x10/0x10
[  359.883044][ T5943]  ret_from_fork+0x45/0x80
[  359.883059][ T5943]  ? __pfx_kthread+0x10/0x10
[  359.883072][ T5943]  ret_from_fork_asm+0x1a/0x30
[  359.883091][ T5943]  </TASK>
[  359.883103][ T5943] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  359.948679][T17996] FAULT_INJECTION: forcing a failure.
[  359.948679][T17996] name failslab, interval 1, probability 0, space 0, times 0
[  359.949895][ T5943] Bluetooth: hci2: failed to register connection device
[  359.951145][T17996] CPU: 0 UID: 0 PID: 17996 Comm: syz.6.4668 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  359.951160][T17996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  359.951168][T17996] Call Trace:
[  359.951172][T17996]  <TASK>
[  359.951176][T17996]  dump_stack_lvl+0x16c/0x1f0
[  359.951195][T17996]  should_fail_ex+0x50a/0x650
[  359.951212][T17996]  ? fs_reclaim_acquire+0xae/0x150
[  359.951230][T17996]  should_failslab+0xc2/0x120
[  359.951242][T17996]  __kmalloc_node_track_caller_noprof+0xcf/0x510
[  359.951255][T17996]  ? ip6_setup_cork+0x61e/0x14d0
[  359.951272][T17996]  kmemdup_noprof+0x29/0x60
[  359.951287][T17996]  ip6_setup_cork+0x61e/0x14d0
[  359.951305][T17996]  ip6_append_data+0x28b/0x500
[  359.951319][T17996]  ? __pfx_raw6_getfrag+0x10/0x10
[  359.951334][T17996]  rawv6_sendmsg+0x15c9/0x4610
[  359.951353][T17996]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  359.951368][T17996]  ? avc_has_perm+0x11b/0x1c0
[  359.951380][T17996]  ? __pfx_avc_has_perm+0x10/0x10
[  359.951390][T17996]  ? avc_has_perm_noaudit+0x61/0x3a0
[  359.951413][T17996]  ? inode_has_perm+0x16f/0x1d0
[  359.951425][T17996]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  359.951439][T17996]  ? inet_sendmsg+0x119/0x140
[  359.951449][T17996]  inet_sendmsg+0x119/0x140
[  359.951459][T17996]  sock_write_iter+0x4ac/0x5b0
[  359.951472][T17996]  ? __pfx_sock_write_iter+0x10/0x10
[  359.951499][T17996]  ? bpf_lsm_file_permission+0x9/0x10
[  359.951517][T17996]  ? security_file_permission+0x71/0x210
[  359.951544][T17996]  ? rw_verify_area+0xcf/0x680
[  359.951573][T17996]  vfs_write+0x5ae/0x1150
[  359.951592][T17996]  ? __pfx_sock_write_iter+0x10/0x10
[  359.951606][T17996]  ? __pfx_vfs_write+0x10/0x10
[  359.951623][T17996]  ? __fget_files+0x40/0x3a0
[  359.951639][T17996]  ksys_write+0x207/0x250
[  359.951648][T17996]  ? __pfx_ksys_write+0x10/0x10
[  359.951661][T17996]  do_syscall_64+0xcd/0x250
[  359.951678][T17996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.951693][T17996] RIP: 0033:0x7fc20518d169
[  359.951702][T17996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.951712][T17996] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  359.951722][T17996] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  359.951729][T17996] RDX: 0000000000000008 RSI: 00002000000000c0 RDI: 0000000000000003
[  359.951736][T17996] RBP: 00007fc206038090 R08: 0000000000000000 R09: 0000000000000000
[  359.951741][T17996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.951748][T17996] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  359.951761][T17996]  </TASK>
[  360.566368][   T36] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  360.576585][T18014] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.4674'.
[  360.758812][   T36] usb 9-1: Using ep0 maxpacket: 16
[  360.761568][   T36] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  360.765847][   T36] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  360.769465][   T36] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.773802][   T36] usb 9-1: config 0 descriptor??
[  360.778373][   T36] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input93
[  361.010011][ T5334] bcm5974 9-1:0.0: could not read from device
[  361.014511][   T36] bcm5974 9-1:0.0: could not read from device
[  361.018248][ T5334] bcm5974 9-1:0.0: could not read from device
[  361.022166][   T36] input: failed to attach handler mousedev to device input93, error: -5
[  361.025419][ T5334] bcm5974 9-1:0.0: could not read from device
[  361.025487][   T36] usb 9-1: USB disconnect, device number 17
[  361.177328][T18028] FAULT_INJECTION: forcing a failure.
[  361.177328][T18028] name failslab, interval 1, probability 0, space 0, times 0
[  361.181924][T18028] CPU: 2 UID: 0 PID: 18028 Comm: syz.6.4680 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  361.181946][T18028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  361.181958][T18028] Call Trace:
[  361.181963][T18028]  <TASK>
[  361.181970][T18028]  dump_stack_lvl+0x16c/0x1f0
[  361.181996][T18028]  should_fail_ex+0x50a/0x650
[  361.182020][T18028]  ? fs_reclaim_acquire+0xae/0x150
[  361.182045][T18028]  should_failslab+0xc2/0x120
[  361.182064][T18028]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  361.182083][T18028]  ? __alloc_skb+0x2b1/0x380
[  361.182109][T18028]  __alloc_skb+0x2b1/0x380
[  361.182131][T18028]  ? __pfx___alloc_skb+0x10/0x10
[  361.182151][T18028]  ? __lock_acquire+0xcc5/0x3c40
[  361.182181][T18028]  alloc_skb_with_frags+0xe4/0x850
[  361.182198][T18028]  ? __pfx___lock_acquire+0x10/0x10
[  361.182220][T18028]  ? __pfx___lock_acquire+0x10/0x10
[  361.182245][T18028]  sock_alloc_send_pskb+0x7f1/0x980
[  361.182269][T18028]  ? find_held_lock+0x2d/0x110
[  361.182292][T18028]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  361.182317][T18028]  ? lock_acquire+0x2f/0xb0
[  361.182337][T18028]  ? dev_get_by_index+0x37/0x380
[  361.182365][T18028]  packet_sendmsg+0x1ffa/0x5750
[  361.182404][T18028]  ? sock_has_perm+0x25a/0x2f0
[  361.182422][T18028]  ? __pfx_sock_has_perm+0x10/0x10
[  361.182443][T18028]  ? __pfx_packet_sendmsg+0x10/0x10
[  361.182479][T18028]  ____sys_sendmsg+0xaaf/0xc90
[  361.182498][T18028]  ? copy_msghdr_from_user+0x10b/0x160
[  361.182522][T18028]  ? __pfx_____sys_sendmsg+0x10/0x10
[  361.182539][T18028]  ? __lock_acquire+0xcc5/0x3c40
[  361.182577][T18028]  ___sys_sendmsg+0x135/0x1e0
[  361.182601][T18028]  ? __pfx____sys_sendmsg+0x10/0x10
[  361.182637][T18028]  ? trace_lock_acquire+0x14e/0x1f0
[  361.182670][T18028]  __sys_sendmmsg+0x201/0x420
[  361.182697][T18028]  ? __pfx___sys_sendmmsg+0x10/0x10
[  361.182729][T18028]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  361.182761][T18028]  ? fput+0x67/0x440
[  361.182780][T18028]  ? ksys_write+0x1ba/0x250
[  361.182795][T18028]  ? __pfx_ksys_write+0x10/0x10
[  361.182813][T18028]  __x64_sys_sendmmsg+0x9c/0x100
[  361.182837][T18028]  ? lockdep_hardirqs_on+0x7c/0x110
[  361.182857][T18028]  do_syscall_64+0xcd/0x250
[  361.182880][T18028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.182902][T18028] RIP: 0033:0x7fc20518d169
[  361.182915][T18028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  361.182930][T18028] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  361.182947][T18028] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  361.182971][T18028] RDX: 0000000000000001 RSI: 0000200000000440 RDI: 0000000000000003
[  361.182981][T18028] RBP: 00007fc206038090 R08: 0000000000000000 R09: 0000000000000000
[  361.182992][T18028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  361.183002][T18028] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  361.183024][T18028]  </TASK>
[  361.388682][T18039] netlink: 52 bytes leftover after parsing attributes in process `syz.7.4685'.
[  361.425562][T18041] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4686'.
[  361.611945][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  361.611956][   T40] audit: type=1400 audit(1742700876.321:779): avc:  denied  { write } for  pid=18054 comm="syz.5.4692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  361.651889][T18058] netlink: 1688 bytes leftover after parsing attributes in process `syz.5.4693'.
[  362.065241][T18084] netlink: 'syz.5.4702': attribute type 72 has an invalid length.
[  362.220079][   T40] audit: type=1326 audit(1742700876.891:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18089 comm="syz.5.4705" exe="/syz-executor" sig=31 arch=c000003e syscall=15 compat=0 ip=0x7fede3f29359 code=0x0
[  362.552043][T18108] netlink: 72 bytes leftover after parsing attributes in process `syz.6.4709'.
[  362.583876][T18111] lo: entered allmulticast mode
[  362.587065][T18111] tunl0: entered allmulticast mode
[  362.589646][T18111] gre0: entered allmulticast mode
[  362.593138][T18111] gretap0: entered allmulticast mode
[  362.595970][T18111] erspan0: left promiscuous mode
[  362.598838][T18111] ip_vti0: entered allmulticast mode
[  362.601080][T18111] ip6_vti0: entered allmulticast mode
[  362.603570][T18111] sit0: entered allmulticast mode
[  362.606305][T18111] ip6tnl0: entered allmulticast mode
[  362.609070][T18111] ip6gre0: entered allmulticast mode
[  362.613229][T18111] syz_tun: entered allmulticast mode
[  362.616336][T18111] ip6gretap0: entered allmulticast mode
[  362.619913][T18111] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.622063][T18111] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.624280][T18111] bridge0: entered allmulticast mode
[  362.627099][T18111] vcan0: entered allmulticast mode
[  362.631214][T18111] bond0: entered allmulticast mode
[  362.632718][T18111] bond_slave_0: entered allmulticast mode
[  362.634373][T18111] bond_slave_1: entered allmulticast mode
[  362.639658][T18111] team0: entered allmulticast mode
[  362.641911][T18111] team_slave_0: entered allmulticast mode
[  362.643608][T18111] team_slave_1: entered allmulticast mode
[  362.646825][T18111] dummy0: entered allmulticast mode
[  362.649963][T18111] nlmon0: entered allmulticast mode
[  362.653077][T18111] caif0: entered allmulticast mode
[  362.655128][T18111] batadv0: entered allmulticast mode
[  362.658142][T18111] vxcan0: entered allmulticast mode
[  362.660168][T18111] vxcan1: entered allmulticast mode
[  362.663460][T18111] veth0: entered allmulticast mode
[  362.666828][T18111] veth1: entered allmulticast mode
[  362.669872][T18111] wg0: entered allmulticast mode
[  362.672765][T18111] wg1: entered allmulticast mode
[  362.675358][T18111] wg2: entered allmulticast mode
[  362.678557][T18111] veth0_to_bridge: entered allmulticast mode
[  362.683627][T18111] veth1_to_bridge: entered allmulticast mode
[  362.689668][T18111] veth0_to_bond: entered allmulticast mode
[  362.693846][T18111] veth1_to_bond: entered allmulticast mode
[  362.698026][T18111] veth0_to_team: entered allmulticast mode
[  362.702792][T18111] veth1_to_team: entered allmulticast mode
[  362.707672][T18111] veth0_to_batadv: entered allmulticast mode
[  362.710365][T18111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  362.713573][T18111] batadv_slave_0: entered allmulticast mode
[  362.717383][T18111] veth1_to_batadv: entered allmulticast mode
[  362.720160][T18111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  362.723261][T18111] batadv_slave_1: entered allmulticast mode
[  362.726372][T18111] xfrm0: entered allmulticast mode
[  362.729739][T18111] veth0_to_hsr: entered allmulticast mode
[  362.732547][T18111] hsr_slave_0: entered allmulticast mode
[  362.735947][T18111] veth1_to_hsr: entered allmulticast mode
[  362.739410][T18111] hsr_slave_1: entered allmulticast mode
[  362.742461][T18111] hsr0: entered allmulticast mode
[  362.746141][T18111] veth1_virt_wifi: entered allmulticast mode
[  362.750631][T18111] veth0_virt_wifi: entered allmulticast mode
[  362.755000][T18111] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  362.759015][T18111] veth1_vlan: entered allmulticast mode
[  362.762671][T18111] veth0_vlan: entered allmulticast mode
[  362.767874][T18111] vlan0: entered allmulticast mode
[  362.769950][T18111] vlan1: entered allmulticast mode
[  362.771918][T18111] macvlan0: entered allmulticast mode
[  362.775315][T18111] macvlan1: entered allmulticast mode
[  362.778612][T18111] ipvlan0: entered allmulticast mode
[  362.780933][T18111] ipvlan1: entered allmulticast mode
[  362.784174][T18111] veth1_macvtap: entered allmulticast mode
[  362.788490][T18111] veth0_macvtap: entered allmulticast mode
[  362.792200][T18111] macvtap0: entered allmulticast mode
[  362.795021][T18111] macsec0: entered allmulticast mode
[  362.798391][T18111] geneve0: entered allmulticast mode
[  362.803633][T18111] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  362.806641][T18111] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  362.809128][T18111] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  362.811894][T18111] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  362.814582][T18111] geneve1: entered allmulticast mode
[  362.817667][T18111] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[  362.821052][T18111] netdevsim netdevsim6 netdevsim1: entered allmulticast mode
[  362.825672][T18111] netdevsim netdevsim6 netdevsim2: entered allmulticast mode
[  362.829556][T18111] netdevsim netdevsim6 netdevsim3: entered allmulticast mode
[  362.837470][T18111] mac80211_hwsim hwsim25 wlan0: entered allmulticast mode
[  362.843421][T18111] mac80211_hwsim hwsim26 wlan1: entered allmulticast mode
[  362.847599][T18111] syztnl2: entered allmulticast mode
[  362.895805][T18113] netlink: 'syz.6.4711': attribute type 72 has an invalid length.
[  363.432591][T18146] netlink: 1752 bytes leftover after parsing attributes in process `syz.7.4724'.
[  364.117590][T18153] fuse: Unknown parameter 'grOup_id'
[  364.587091][T18166] netlink: 1752 bytes leftover after parsing attributes in process `syz.6.4733'.
[  364.881178][T18191] netlink: 1752 bytes leftover after parsing attributes in process `syz.7.4743'.
[  365.019270][T18197] erspan0: left allmulticast mode
[  365.019657][   T40] audit: type=1400 audit(1742700879.511:781): avc:  denied  { create } for  pid=18198 comm="syz.6.4747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  365.067636][   T57] IPVS: starting estimator thread 0...
[  365.067952][T18199] NILFS (nbd6): device size too small
[  365.079653][   T40] audit: type=1400 audit(1742700879.567:782): avc:  denied  { audit_read } for  pid=18198 comm="syz.6.4747" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  365.129913][T18205] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4748'.
[  365.171813][T18207] FAULT_INJECTION: forcing a failure.
[  365.171813][T18207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  365.177143][T18207] CPU: 1 UID: 0 PID: 18207 Comm: syz.6.4749 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  365.177165][T18207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  365.177176][T18207] Call Trace:
[  365.177181][T18207]  <TASK>
[  365.177188][T18207]  dump_stack_lvl+0x16c/0x1f0
[  365.177231][T18207]  should_fail_ex+0x50a/0x650
[  365.177267][T18207]  _copy_from_iter+0x2a1/0x1560
[  365.177288][T18207]  ? trace_lock_acquire+0x14e/0x1f0
[  365.177310][T18207]  ? __alloc_skb+0x1fe/0x380
[  365.177336][T18207]  ? __pfx__copy_from_iter+0x10/0x10
[  365.177353][T18207]  ? __virt_addr_valid+0x1a4/0x590
[  365.177376][T18207]  ? __virt_addr_valid+0x5e/0x590
[  365.177395][T18207]  ? __phys_addr_symbol+0x30/0x80
[  365.177412][T18207]  ? __check_object_size+0x488/0x710
[  365.177442][T18207]  netlink_sendmsg+0x813/0xd70
[  365.177471][T18207]  ? __pfx_netlink_sendmsg+0x10/0x10
[  365.177504][T18207]  ____sys_sendmsg+0xaaf/0xc90
[  365.177524][T18207]  ? copy_msghdr_from_user+0x10b/0x160
[  365.177550][T18207]  ? __pfx_____sys_sendmsg+0x10/0x10
[  365.177581][T18207]  ___sys_sendmsg+0x135/0x1e0
[  365.177608][T18207]  ? __pfx____sys_sendmsg+0x10/0x10
[  365.177642][T18207]  ? __pfx_lock_release+0x10/0x10
[  365.177665][T18207]  ? trace_lock_acquire+0x14e/0x1f0
[  365.177692][T18207]  ? __fget_files+0x206/0x3a0
[  365.177716][T18207]  __sys_sendmsg+0x16e/0x220
[  365.177743][T18207]  ? __pfx___sys_sendmsg+0x10/0x10
[  365.177784][T18207]  do_syscall_64+0xcd/0x250
[  365.177811][T18207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.177835][T18207] RIP: 0033:0x7fc20518d169
[  365.177849][T18207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.177866][T18207] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  365.177883][T18207] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  365.177895][T18207] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  365.177905][T18207] RBP: 00007fc206038090 R08: 0000000000000000 R09: 0000000000000000
[  365.177916][T18207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.177927][T18207] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  365.177950][T18207]  </TASK>
[  365.183690][T18204] IPVS: using max 37 ests per chain, 88800 per kthread
[  365.566859][T18221] netlink: 'syz.4.4755': attribute type 10 has an invalid length.
[  365.574970][T18221] 8021q: adding VLAN 0 to HW filter on device batadv0
[  365.578960][T18221] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  365.622751][T18224] netlink: 10 bytes leftover after parsing attributes in process `syz.4.4756'.
[  365.666069][T18226] mmap: syz.4.4757 (18226): VmData 37466112 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data.
[  366.037287][T18234] overlayfs: failed to clone upperpath
[  366.041425][T18234] netlink: 'syz.7.4760': attribute type 11 has an invalid length.
[  366.276047][T18249] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4766'.
[  366.280792][T18249] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4766'.
[  366.327693][T18251] FAULT_INJECTION: forcing a failure.
[  366.327693][T18251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.331336][T18251] CPU: 1 UID: 0 PID: 18251 Comm: syz.6.4767 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  366.331351][T18251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  366.331358][T18251] Call Trace:
[  366.331362][T18251]  <TASK>
[  366.331366][T18251]  dump_stack_lvl+0x16c/0x1f0
[  366.331385][T18251]  should_fail_ex+0x50a/0x650
[  366.331404][T18251]  _copy_from_iter+0x2a1/0x1560
[  366.331415][T18251]  ? trace_lock_acquire+0x14e/0x1f0
[  366.331429][T18251]  ? __alloc_skb+0x1fe/0x380
[  366.331445][T18251]  ? __pfx__copy_from_iter+0x10/0x10
[  366.331455][T18251]  ? __virt_addr_valid+0x1a4/0x590
[  366.331468][T18251]  ? __virt_addr_valid+0x5e/0x590
[  366.331483][T18251]  ? __phys_addr_symbol+0x30/0x80
[  366.331493][T18251]  ? __check_object_size+0x488/0x710
[  366.331508][T18251]  netlink_sendmsg+0x813/0xd70
[  366.331526][T18251]  ? __pfx_netlink_sendmsg+0x10/0x10
[  366.331546][T18251]  ____sys_sendmsg+0xaaf/0xc90
[  366.331559][T18251]  ? copy_msghdr_from_user+0x10b/0x160
[  366.331575][T18251]  ? __pfx_____sys_sendmsg+0x10/0x10
[  366.331593][T18251]  ___sys_sendmsg+0x135/0x1e0
[  366.331609][T18251]  ? __pfx____sys_sendmsg+0x10/0x10
[  366.331630][T18251]  ? __pfx_lock_release+0x10/0x10
[  366.331645][T18251]  ? trace_lock_acquire+0x14e/0x1f0
[  366.331661][T18251]  ? __fget_files+0x206/0x3a0
[  366.331674][T18251]  __sys_sendmsg+0x16e/0x220
[  366.331690][T18251]  ? __pfx___sys_sendmsg+0x10/0x10
[  366.331714][T18251]  do_syscall_64+0xcd/0x250
[  366.331731][T18251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.331746][T18251] RIP: 0033:0x7fc20518d169
[  366.331754][T18251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.331764][T18251] RSP: 002b:00007fc206038038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  366.331774][T18251] RAX: ffffffffffffffda RBX: 00007fc2053a5fa0 RCX: 00007fc20518d169
[  366.331781][T18251] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  366.331787][T18251] RBP: 00007fc206038090 R08: 0000000000000000 R09: 0000000000000000
[  366.331793][T18251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.331799][T18251] R13: 0000000000000000 R14: 00007fc2053a5fa0 R15: 00007ffd53e70d88
[  366.331812][T18251]  </TASK>
[  366.452999][T18260] netlink: 'syz.7.4770': attribute type 10 has an invalid length.
[  366.454940][T18260] bridge0: left allmulticast mode
[  366.458850][T18260] bridge0: entered allmulticast mode
[  366.461017][T18260] bond0: (slave bridge0): Enslaving as an active interface with a down link
[  366.640987][T18284] IPv6: NLM_F_CREATE should be specified when creating new route
[  366.644309][T18284] program syz.6.4781 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  366.732802][T18296] xt_CT: You must specify a L4 protocol and not use inversions on it
[  366.879506][   T40] audit: type=1400 audit(1742700881.252:783): avc:  denied  { unmount } for  pid=14921 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  366.962690][   T40] audit: type=1400 audit(1742700881.327:784): avc:  denied  { setopt } for  pid=18320 comm="syz.4.4799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  366.962722][   T40] audit: type=1400 audit(1742700881.327:785): avc:  denied  { remount } for  pid=18320 comm="syz.4.4799" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  367.052402][T18329] raw_sendmsg: syz.5.4803 forgot to set AF_INET. Fix it!
[  367.339512][T18349] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  367.412217][T18355] 8021q: VLANs not supported on gre0
[  367.430914][   T40] audit: type=1400 audit(1742700881.766:786): avc:  denied  { setopt } for  pid=18356 comm="syz.5.4816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  367.487089][T18355] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4815'.
[  367.490473][T18355] 9pnet_fd: Insufficient options for proto=fd
[  367.952808][T18385] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  367.957562][T18385] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  368.485443][T18416] FAULT_INJECTION: forcing a failure.
[  368.485443][T18416] name failslab, interval 1, probability 0, space 0, times 0
[  368.489813][T18416] CPU: 1 UID: 0 PID: 18416 Comm: syz.4.4838 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  368.489829][T18416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  368.489836][T18416] Call Trace:
[  368.489839][T18416]  <TASK>
[  368.489843][T18416]  dump_stack_lvl+0x16c/0x1f0
[  368.489862][T18416]  should_fail_ex+0x50a/0x650
[  368.489879][T18416]  ? fs_reclaim_acquire+0xae/0x150
[  368.489896][T18416]  should_failslab+0xc2/0x120
[  368.489909][T18416]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  368.489921][T18416]  ? __kernfs_new_node+0xd3/0x890
[  368.489939][T18416]  __kernfs_new_node+0xd3/0x890
[  368.489955][T18416]  ? lockdep_hardirqs_on+0x7c/0x110
[  368.489971][T18416]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  368.489985][T18416]  ? __pfx___kernfs_new_node+0x10/0x10
[  368.490003][T18416]  ? shmem_statfs+0x1bb/0x3f0
[  368.490020][T18416]  ? find_held_lock+0x2d/0x110
[  368.490034][T18416]  ? queue_limits_commit_update+0x29b/0x340
[  368.490054][T18416]  kernfs_new_node+0x186/0x240
[  368.490067][T18416]  kernfs_create_dir_ns+0x4c/0x150
[  368.490079][T18416]  internal_create_group+0x34e/0xf10
[  368.490096][T18416]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  368.490114][T18416]  ? __pfx_internal_create_group+0x10/0x10
[  368.490132][T18416]  ? lo_can_use_dio+0x261/0x420
[  368.490149][T18416]  loop_configure+0x951/0x1300
[  368.490174][T18416]  ? __pfx_loop_configure+0x10/0x10
[  368.490190][T18416]  ? find_held_lock+0x2d/0x110
[  368.490208][T18416]  ? __might_fault+0xe3/0x190
[  368.490224][T18416]  lo_ioctl+0xba4/0x1e20
[  368.490239][T18416]  ? __pfx___lock_acquire+0x10/0x10
[  368.490255][T18416]  ? kasan_save_stack+0x42/0x60
[  368.490265][T18416]  ? kasan_save_stack+0x33/0x60
[  368.490277][T18416]  ? find_held_lock+0x2d/0x110
[  368.490290][T18416]  ? avc_has_extended_perms+0x33f/0x1580
[  368.490302][T18416]  ? __pfx_lo_ioctl+0x10/0x10
[  368.490317][T18416]  ? __pfx_mark_lock+0x10/0x10
[  368.490332][T18416]  ? lock_acquire+0x2f/0xb0
[  368.490346][T18416]  ? avc_has_extended_perms+0x210/0x1580
[  368.490358][T18416]  ? avc_has_extended_perms+0x481/0x1580
[  368.490373][T18416]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  368.490386][T18416]  ? tomoyo_path_number_perm+0x298/0x590
[  368.490407][T18416]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  368.490428][T18416]  ? blkdev_common_ioctl+0x1d0/0x2210
[  368.490451][T18416]  ? __pfx_lock_release+0x10/0x10
[  368.490468][T18416]  ? __pfx_lo_ioctl+0x10/0x10
[  368.490483][T18416]  blkdev_ioctl+0x276/0x6d0
[  368.490494][T18416]  ? __pfx_blkdev_ioctl+0x10/0x10
[  368.490503][T18416]  ? selinux_file_ioctl+0x180/0x270
[  368.490520][T18416]  ? selinux_file_ioctl+0xb4/0x270
[  368.490537][T18416]  ? __pfx_blkdev_ioctl+0x10/0x10
[  368.490549][T18416]  __x64_sys_ioctl+0x190/0x200
[  368.490565][T18416]  do_syscall_64+0xcd/0x250
[  368.490581][T18416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.490596][T18416] RIP: 0033:0x7fa64b78d169
[  368.490605][T18416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.490616][T18416] RSP: 002b:00007fa6495f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  368.490626][T18416] RAX: ffffffffffffffda RBX: 00007fa64b9a5fa0 RCX: 00007fa64b78d169
[  368.490633][T18416] RDX: 00002000000002c0 RSI: 0000000000004c0a RDI: 0000000000000003
[  368.490639][T18416] RBP: 00007fa6495f6090 R08: 0000000000000000 R09: 0000000000000000
[  368.490645][T18416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.490651][T18416] R13: 0000000000000000 R14: 00007fa64b9a5fa0 R15: 00007ffe5c1bb678
[  368.490664][T18416]  </TASK>
[  368.490670][T18416] loop9: detected capacity change from 0 to 8
[  368.503431][T18418] tipc: Enabled bearer <eth:wlan1>, priority 10
[  368.504333][T18416]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  368.596242][T18416] loop9: partition table partially beyond EOD, truncated
[  368.598259][T18416] loop9: p1 size 81768186 extends beyond EOD, truncated
[  368.672700][T18440] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4850'.
[  368.675206][T18440] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4850'.
[  368.725668][T18448] Cache volume key already in use (9p,syz,)
[  368.746608][T18450] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  368.748470][T18450] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  368.751151][T18450] vhci_hcd vhci_hcd.0: Device attached
[  368.753823][T18450] 9pnet_fd: Insufficient options for proto=fd
[  368.777118][T18451] vhci_hcd: connection closed
[  368.778046][   T69] vhci_hcd: stop threads
[  368.778074][T18457] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4857'.
[  368.779824][   T69] vhci_hcd: release socket
[  368.784563][   T69] vhci_hcd: disconnect device
[  369.090870][T18490] tipc: Enabling of bearer <eth:wlan1> rejected, already enabled
[  369.885932][ T5979] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  370.061165][ T5979] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  370.068269][ T5979] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  370.070855][ T5979] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.073259][ T5979] usb 9-1: Product: syz
[  370.074916][ T5979] usb 9-1: Manufacturer: syz
[  370.076785][ T5979] usb 9-1: SerialNumber: syz
[  370.077118][T18517] overlayfs: failed to clone upperpath
[  370.089069][   T40] audit: type=1400 audit(1742700884.265:787): avc:  denied  { ioctl } for  pid=18512 comm="syz.5.4878" path="socket:[77828]" dev="sockfs" ino=77828 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  370.152009][T18523] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4882'.
[  370.159490][T18523] netlink: 'syz.7.4882': attribute type 11 has an invalid length.
[  370.161864][T18523] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4882'.
[  370.298055][ T5979] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  370.516806][T18504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  370.519960][T18504] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  370.525637][ T5979] usb 9-1: USB disconnect, device number 18
[  370.530490][ T5979] usblp0: removed
[  370.901221][T18559] 9pnet: Limiting 'msize' to 512000 as this is the maximum supported by transport virtio
[  371.089897][T18570] netlink: 'syz.4.4900': attribute type 11 has an invalid length.
[  371.092983][T18570] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4900'.
[  371.516439][T18616] netlink: 'syz.7.4915': attribute type 2 has an invalid length.
[  371.554517][T18620] : entered promiscuous mode
[  371.741990][   T40] audit: type=1400 audit(1742700885.799:788): avc:  denied  { getopt } for  pid=18643 comm="syz.4.4925" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  371.793401][T18646] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4926'.
[  371.804215][   T40] audit: type=1400 audit(1742700885.865:789): avc:  granted  { setsecparam } for  pid=18649 comm="syz.4.4928" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  371.810114][T18650] delete_channel: no stack
[  371.890011][ T5943] Bluetooth: hci0: unexpected event for opcode 0x1405
[  371.917286][T18660] vlan2: entered allmulticast mode
[  371.919042][T18660] bond0: entered allmulticast mode
[  371.920508][T18660] bond_slave_0: entered allmulticast mode
[  371.922188][T18660] bond_slave_1: entered allmulticast mode
[  371.923784][T18660] batadv0: entered allmulticast mode
[  371.929606][T18660] bond0: left allmulticast mode
[  371.930986][T18660] bond_slave_0: left allmulticast mode
[  371.932504][T18660] bond_slave_1: left allmulticast mode
[  371.934090][T18660] batadv0: left allmulticast mode
[  371.998241][T18671] trusted_key: encrypted_key: insufficient parameters specified
[  372.082286][T18683] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18683 comm=syz.5.4943
[  372.199466][T18698] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4947'.
[  373.405640][T18738] block nbd4: shutting down sockets
[  373.779102][T18767] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4973'.
[  373.847947][   T40] audit: type=1400 audit(1742700887.773:790): avc:  denied  { relabelfrom } for  pid=18771 comm="syz.6.4975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  373.848512][T18772] syzkaller0: tun_chr_ioctl cmd 1074025678
[  373.856680][   T40] audit: type=1400 audit(1742700887.773:791): avc:  denied  { relabelto } for  pid=18771 comm="syz.6.4975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  373.857668][T18772] syzkaller0: group set to 6
[  373.867118][   T40] audit: type=1107 audit(1742700887.792:792): pid=18771 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  373.867573][T18772] /dev/sg0: Can't lookup blockdev
[  373.875440][T18772] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=49 sclass=netlink_audit_socket pid=18772 comm=syz.6.4975
[  374.156699][T18800] virtio-fs: tag <(null)> not found
[  374.200029][T18803] xt_TCPMSS: Only works on TCP SYN packets
[  374.466018][T18809] FAULT_INJECTION: forcing a failure.
[  374.466018][T18809] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  374.470307][T18809] CPU: 1 UID: 0 PID: 18809 Comm: syz.4.4987 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  374.470339][T18809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  374.470349][T18809] Call Trace:
[  374.470355][T18809]  <TASK>
[  374.470361][T18809]  dump_stack_lvl+0x16c/0x1f0
[  374.470386][T18809]  should_fail_ex+0x50a/0x650
[  374.470409][T18809]  ? __pfx___might_resched+0x10/0x10
[  374.470435][T18809]  should_fail_alloc_page+0xe7/0x130
[  374.470454][T18809]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  374.470480][T18809]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  374.470498][T18809]  ? copy_splice_read+0x1a8/0xb80
[  374.470521][T18809]  ? stack_trace_save+0x95/0xd0
[  374.470550][T18809]  ? __pfx_stack_trace_save+0x10/0x10
[  374.470569][T18809]  ? stack_depot_save_flags+0x28/0x9c0
[  374.470597][T18809]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  374.470615][T18809]  ? kasan_save_stack+0x42/0x60
[  374.470631][T18809]  ? kasan_save_track+0x14/0x30
[  374.470650][T18809]  ? __kmalloc_noprof+0x21c/0x510
[  374.470666][T18809]  ? copy_splice_read+0x1a8/0xb80
[  374.470686][T18809]  ? do_splice_read+0x2bd/0x370
[  374.470707][T18809]  ? splice_direct_to_actor+0x2a4/0xa40
[  374.470729][T18809]  ? do_splice_direct+0x178/0x250
[  374.470751][T18809]  ? do_sendfile+0xafb/0xe40
[  374.470772][T18809]  ? __x64_sys_sendfile64+0x1da/0x220
[  374.470806][T18809]  alloc_pages_bulk_noprof+0x6f9/0x1390
[  374.470830][T18809]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  374.470852][T18809]  ? trace_kmalloc+0x2d/0xd0
[  374.470871][T18809]  ? __kmalloc_noprof+0x23b/0x510
[  374.470891][T18809]  copy_splice_read+0x1e0/0xb80
[  374.470913][T18809]  ? look_up_lock_class+0x6b/0x150
[  374.470935][T18809]  ? __pfx_copy_splice_read+0x10/0x10
[  374.470959][T18809]  ? __pfx_register_lock_class+0x10/0x10
[  374.470989][T18809]  ? __pfx_filemap_splice_read+0x10/0x10
[  374.471005][T18809]  do_splice_read+0x2bd/0x370
[  374.471025][T18809]  splice_direct_to_actor+0x2a4/0xa40
[  374.471041][T18809]  ? __pfx_direct_splice_actor+0x10/0x10
[  374.471060][T18809]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  374.471077][T18809]  ? __pfx___might_resched+0x10/0x10
[  374.471094][T18809]  do_splice_direct+0x178/0x250
[  374.471110][T18809]  ? __pfx_do_splice_direct+0x10/0x10
[  374.471127][T18809]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  374.471148][T18809]  ? bpf_lsm_file_permission+0x9/0x10
[  374.471165][T18809]  ? security_file_permission+0x71/0x210
[  374.471190][T18809]  ? rw_verify_area+0xcf/0x680
[  374.471213][T18809]  do_sendfile+0xafb/0xe40
[  374.471240][T18809]  ? __pfx_do_sendfile+0x10/0x10
[  374.471262][T18809]  ? __fget_files+0x206/0x3a0
[  374.471280][T18809]  __x64_sys_sendfile64+0x1da/0x220
[  374.471292][T18809]  ? ksys_write+0x1ba/0x250
[  374.471301][T18809]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  374.471317][T18809]  do_syscall_64+0xcd/0x250
[  374.471332][T18809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.471348][T18809] RIP: 0033:0x7fa64b78d169
[  374.471357][T18809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.471367][T18809] RSP: 002b:00007fa6495b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  374.471378][T18809] RAX: ffffffffffffffda RBX: 00007fa64b9a6160 RCX: 00007fa64b78d169
[  374.471384][T18809] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  374.471391][T18809] RBP: 00007fa6495b4090 R08: 0000000000000000 R09: 0000000000000000
[  374.471400][T18809] R10: 0000000000040008 R11: 0000000000000246 R12: 0000000000000001
[  374.471406][T18809] R13: 0000000000000000 R14: 00007fa64b9a6160 R15: 00007ffe5c1bb678
[  374.471419][T18809]  </TASK>
[  374.969846][ T5949] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  374.976118][ T5949] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  374.978014][T17665] ------------[ cut here ]------------
[  374.980434][T17665] refcount_t: underflow; use-after-free.
[  374.980496][ T5949] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  374.982306][T17665] WARNING: CPU: 0 PID: 17665 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210
[  374.987174][T17665] Modules linked in:
[  374.988393][T17665] CPU: 0 UID: 0 PID: 17665 Comm: syz.7.4550 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  374.992563][T17665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  374.994310][ T5949] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  374.995724][T17665] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  374.999324][T17665] Code: ff 89 de e8 58 1b f5 fc 84 db 0f 85 66 ff ff ff e8 ab 20 f5 fc c6 05 e7 2a 86 0b 01 90 48 c7 c7 20 17 d3 8b e8 f7 50 b5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 88 20 f5 fc 0f b6 1d c2 2a 86 0b 31
[  375.000288][ T5949] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  375.004677][T17665] RSP: 0018:ffffc900037b7748 EFLAGS: 00010282
[  375.007105][ T5949] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  375.008328][T17665] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a2269
[  375.012490][T17665] RDX: ffff88805aec8000 RSI: ffffffff817a2276 RDI: 0000000000000001
[  375.014895][T17665] RBP: ffff888030c32478 R08: 0000000000000001 R09: 0000000000000000
[  375.017199][T17665] R10: 0000000000000000 R11: 0000000000000007 R12: ffff88805fa23400
[  375.019419][T17665] R13: ffff888030c32478 R14: ffffffff85ec4270 R15: dffffc0000000000
[  375.021601][T17665] FS:  0000000000000000(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000
[  375.024152][T17665] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  375.026014][T17665] CR2: 000000110c3ae66d CR3: 0000000048150000 CR4: 0000000000352ef0
[  375.028380][T17665] DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000
[  375.030625][T17665] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  375.032873][T17665] Call Trace:
[  375.033824][T17665]  <TASK>
[  375.034667][T17665]  ? __warn+0xea/0x3c0
[  375.035822][T17665]  ? __pfx_vprintk_emit+0x10/0x10
[  375.037281][T17665]  ? refcount_warn_saturate+0x14a/0x210
[  375.038903][T17665]  ? report_bug+0x3c0/0x580
[  375.040190][T17665]  ? handle_bug+0x54/0xa0
[  375.041450][T17665]  ? exc_invalid_op+0x17/0x50
[  375.042782][T17665]  ? asm_exc_invalid_op+0x1a/0x20
[  375.044313][T17665]  ? __pfx_klist_children_put+0x10/0x10
[  375.045909][T17665]  ? __warn_printk+0x199/0x350
[  375.047286][T17665]  ? __warn_printk+0x1a6/0x350
[  375.048710][T17665]  ? refcount_warn_saturate+0x14a/0x210
[  375.050266][T17665]  ? refcount_warn_saturate+0x149/0x210
[  375.051844][T17665]  klist_put+0x11b/0x1b0
[  375.053096][T17665]  klist_remove+0x140/0x2b0
[  375.054386][T17665]  ? __pfx_klist_remove+0x10/0x10
[  375.055763][T17665]  ? get_device_parent+0x1ed/0x4e0
[  375.057298][T17665]  device_move+0x12d/0x10b0
[  375.058640][T17665]  hci_conn_del_sysfs+0x81/0x180
[  375.060042][T17665]  hci_conn_del+0x54e/0xdb0
[  375.061377][T17665]  hci_conn_hash_flush+0x186/0x260
[  375.062842][T17665]  hci_dev_close_sync+0x603/0x11a0
[  375.064287][T17665]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  375.064675][T18817] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4990'.
[  375.065839][T17665]  ? up_write+0x1b2/0x520
[  375.069665][T17665]  ? rcu_is_watching+0x12/0xc0
[  375.071066][T17665]  hci_dev_do_close+0x2e/0x90
[  375.072420][T17665]  hci_unregister_dev+0x213/0x620
[  375.073892][T17665]  ? __pfx_vhci_release+0x10/0x10
[  375.075334][T17665]  vhci_release+0x79/0xf0
[  375.076558][T17665]  __fput+0x3ff/0xb70
[  375.077722][T17665]  task_work_run+0x14e/0x250
[  375.079046][T17665]  ? __pfx_task_work_run+0x10/0x10
[  375.080536][T17665]  do_exit+0xad8/0x2db0
[  375.081782][T17665]  ? get_signal+0x1d3e/0x26c0
[  375.083131][T17665]  ? __pfx_do_exit+0x10/0x10
[  375.084440][T17665]  ? cgroup_update_frozen_flag+0x107/0x210
[  375.086092][T17665]  do_group_exit+0xd3/0x2a0
[  375.087374][T17665]  get_signal+0x24ed/0x26c0
[  375.088689][T17665]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  375.090251][T17665]  ? __pfx_get_signal+0x10/0x10
[  375.091691][T17665]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  375.093188][T17665]  arch_do_signal_or_restart+0x90/0x7e0
[  375.094783][T17665]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  375.096540][T17665]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  375.098266][T17665]  syscall_exit_to_user_mode+0x150/0x2a0
[  375.099830][T17665]  do_syscall_64+0xda/0x250
[  375.101213][T17665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.102917][T17665] RIP: 0033:0x7f9592bbfa25
[  375.104173][T17665] Code: Unable to access opcode bytes at 0x7f9592bbf9fb.
[  375.106137][T17665] RSP: 002b:00007f959395cf80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  375.108453][T17665] RAX: fffffffffffffdfc RBX: 00007f9592da6080 RCX: 00007f9592bbfa25
[  375.110668][T17665] RDX: 00007f959395cfc0 RSI: 0000000000000000 RDI: 0000000000000000
[  375.112931][T17665] RBP: 00007f9592c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  375.115142][T17665] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  375.117364][T17665] R13: 0000000000000000 R14: 00007f9592da6080 R15: 00007ffc5ccaa7f8
[  375.119666][T17665]  </TASK>
[  375.120626][T17665] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  375.122845][T17665] CPU: 0 UID: 0 PID: 17665 Comm: syz.7.4550 Not tainted 6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  375.125782][T17665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.128638][T17665] Call Trace:
[  375.129595][T17665]  <TASK>
[  375.130437][T17665]  dump_stack_lvl+0x3d/0x1f0
[  375.131770][T17665]  panic+0x71d/0x800
[  375.132903][T17665]  ? __pfx_panic+0x10/0x10
[  375.134156][T17665]  ? show_trace_log_lvl+0x29d/0x3d0
[  375.135626][T17665]  ? check_panic_on_warn+0x1f/0xb0
[  375.137069][T17665]  ? refcount_warn_saturate+0x14a/0x210
[  375.138609][T17665]  check_panic_on_warn+0xab/0xb0
[  375.140000][T17665]  __warn+0xf6/0x3c0
[  375.141121][T17665]  ? __pfx_vprintk_emit+0x10/0x10
[  375.142557][T17665]  ? refcount_warn_saturate+0x14a/0x210
[  375.144117][T17665]  report_bug+0x3c0/0x580
[  375.145358][T17665]  handle_bug+0x54/0xa0
[  375.146544][T17665]  exc_invalid_op+0x17/0x50
[  375.147829][T17665]  asm_exc_invalid_op+0x1a/0x20
[  375.149216][T17665] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  375.150930][T17665] Code: ff 89 de e8 58 1b f5 fc 84 db 0f 85 66 ff ff ff e8 ab 20 f5 fc c6 05 e7 2a 86 0b 01 90 48 c7 c7 20 17 d3 8b e8 f7 50 b5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 88 20 f5 fc 0f b6 1d c2 2a 86 0b 31
[  375.156225][T17665] RSP: 0018:ffffc900037b7748 EFLAGS: 00010282
[  375.157919][T17665] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a2269
[  375.160101][T17665] RDX: ffff88805aec8000 RSI: ffffffff817a2276 RDI: 0000000000000001
[  375.162469][T17665] RBP: ffff888030c32478 R08: 0000000000000001 R09: 0000000000000000
[  375.164691][T17665] R10: 0000000000000000 R11: 0000000000000007 R12: ffff88805fa23400
[  375.166882][T17665] R13: ffff888030c32478 R14: ffffffff85ec4270 R15: dffffc0000000000
[  375.169083][T17665]  ? __pfx_klist_children_put+0x10/0x10
[  375.170663][T17665]  ? __warn_printk+0x199/0x350
[  375.172032][T17665]  ? __warn_printk+0x1a6/0x350
[  375.173393][T17665]  ? refcount_warn_saturate+0x149/0x210
[  375.174934][T17665]  klist_put+0x11b/0x1b0
[  375.176137][T17665]  klist_remove+0x140/0x2b0
[  375.177439][T17665]  ? __pfx_klist_remove+0x10/0x10
[  375.178857][T17665]  ? get_device_parent+0x1ed/0x4e0
[  375.180292][T17665]  device_move+0x12d/0x10b0
[  375.181633][T17665]  hci_conn_del_sysfs+0x81/0x180
[  375.183038][T17665]  hci_conn_del+0x54e/0xdb0
[  375.184326][T17665]  hci_conn_hash_flush+0x186/0x260
[  375.185773][T17665]  hci_dev_close_sync+0x603/0x11a0
[  375.187218][T17665]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  375.188790][T17665]  ? up_write+0x1b2/0x520
[  375.190026][T17665]  ? rcu_is_watching+0x12/0xc0
[  375.191407][T17665]  hci_dev_do_close+0x2e/0x90
[  375.192753][T17665]  hci_unregister_dev+0x213/0x620
[  375.194188][T17665]  ? __pfx_vhci_release+0x10/0x10
[  375.195601][T17665]  vhci_release+0x79/0xf0
[  375.196839][T17665]  __fput+0x3ff/0xb70
[  375.197975][T17665]  task_work_run+0x14e/0x250
[  375.199283][T17665]  ? __pfx_task_work_run+0x10/0x10
[  375.200729][T17665]  do_exit+0xad8/0x2db0
[  375.201939][T17665]  ? get_signal+0x1d3e/0x26c0
[  375.203279][T17665]  ? __pfx_do_exit+0x10/0x10
[  375.204598][T17665]  ? cgroup_update_frozen_flag+0x107/0x210
[  375.206245][T17665]  do_group_exit+0xd3/0x2a0
[  375.207631][T17665]  get_signal+0x24ed/0x26c0
[  375.209010][T17665]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  375.210602][T17665]  ? __pfx_get_signal+0x10/0x10
[  375.211982][T17665]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  375.213484][T17665]  arch_do_signal_or_restart+0x90/0x7e0
[  375.215030][T17665]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  375.216771][T17665]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  375.218491][T17665]  syscall_exit_to_user_mode+0x150/0x2a0
[  375.220059][T17665]  do_syscall_64+0xda/0x250
[  375.221348][T17665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.223009][T17665] RIP: 0033:0x7f9592bbfa25
[  375.224258][T17665] Code: Unable to access opcode bytes at 0x7f9592bbf9fb.
[  375.226207][T17665] RSP: 002b:00007f959395cf80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  375.228509][T17665] RAX: fffffffffffffdfc RBX: 00007f9592da6080 RCX: 00007f9592bbfa25
[  375.230716][T17665] RDX: 00007f959395cfc0 RSI: 0000000000000000 RDI: 0000000000000000
[  375.232961][T17665] RBP: 00007f9592c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  375.235145][T17665] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  375.237337][T17665] R13: 0000000000000000 R14: 00007f9592da6080 R15: 00007ffc5ccaa7f8
[  375.239547][T17665]  </TASK>
[  375.241003][T17665] Kernel Offset: disabled
[  375.242437][T17665] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:34:52  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8540c495 RDI=ffffffff9ab847c0 RBP=ffffffff9ab84780 RSP=ffffc900037b70c8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000008
R12=0000000000000000 R13=0000000000000036 R14=ffffffff9ab84780 R15=0000000000000000
RIP=ffffffff8540c4bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3ae66d CR3=0000000048150000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004000040 Opmask01=0000000000000000 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe5c1bba00 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000b5dabd RBX=0000000000000001 RCX=ffffffff8b579469 RDX=0000000000000000
RSI=ffffffff8b6cfc80 RDI=ffffffff8bd36a20 RBP=ffffed1003adb000 RSP=ffffc90000197dd8
R8 =0000000000000001 R9 =ffffed100d4e6f85 R10=ffff88806a737c2b R11=0000000000000000
R12=0000000000000001 R13=ffff88801d6d8000 R14=ffffffff90626c10 R15=0000000000000000
RIP=ffffffff810014b0 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c359535 CR3=000000005a202000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b80f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b97c488 00007fa64b97c480 00007fa64b97c478 00007fa64b97c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64c4dd100 00007fa64b97c440 00007fa64b97c458 0004000b000c0008
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa64b97c498 00007fa64b97c490 00007fa64b97c488 00007fa64b97c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=000000000003a74f RCX=ffffffff82289104 RDX=000000000000000f
RSI=00000000ffffffff RDI=ffffffff8e1bd140 RBP=ffff88807ffd6620 RSP=ffffc900032b7708
R8 =0000000000000007 R9 =000000000007ffff R10=0000000000000007 R11=0000000000000003
R12=ffff88801be80000 R13=00000000ffffffff R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff8b5785b8 RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f32c56d7d60 CR3=0000000029728000 CR4=00352ef0
DR0=0000000000000680 DR1=0000000000000002 DR2=0000000000000001 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32c4b7c6a3 00007f32c4b7c6a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda59b40c0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000300000014 0000000200000021
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000500000007 0000000400000017
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555a4ff41b 000055555a4ff0c0
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fff10809b4037a02 0009b20372696472 6570707501ffffff ffffffffffef0809
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0109800400100002 800400040010000a 013fc200020009e0 0358020009de0373
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 75622f2e01ffffff fffffffffff50809 d4037a020009d203 7269646b726f7701
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff f10809c403580200 09c20331656c6966 2f2e01ffffffffff
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fffffff10809b403 7a020009b2037269 64726570707501ff ffffffffffffffef
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000823acd RBX=0000000000000003 RCX=ffffffff8b579469 RDX=0000000000000000
RSI=ffffffff8b6cfc80 RDI=ffffffff8bd36a20 RBP=ffffed1003adb910 RSP=ffffc900001b7e08
R8 =0000000000000001 R9 =ffffed100d526f85 R10=ffff88806a937c2b R11=0000000000000000
R12=0000000000000003 R13=ffff88801d6dc880 R14=ffffffff90626c10 R15=0000000000000000
RIP=ffffffff8b57a84f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc2053a7bac CR3=000000005b91a000 CR4=00352ef0
DR0=0000000000000680 DR1=0000000000000003 DR2=0000000000000007 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fede400f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fede400f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fede400f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fede400f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fede400f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fede400f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000